simplify
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs static analysis on local files and documentation to ensure code quality. This behavior is confined to the local filesystem and project scope.
- [COMMAND_EXECUTION]: The skill executes
git diff --name-only main...HEADto identify modified files. This is a standard development workflow command used for scoping the analysis. - [PROMPT_INJECTION]: The skill processes data from source code and task documents, which represents a surface for indirect prompt injection. 1. Ingestion points: Task documentation (
docs/task/*.md), test reports (docs/testing/*.md), and source code files. 2. Boundary markers: No explicit boundary markers or directives to ignore embedded instructions are used. 3. Capability inventory: Command execution (git diff), file reading, and file writing (updating task notes). 4. Sanitization: No content sanitization is performed on the analyzed files. This is considered a safe surface as it is essential to the skill's primary purpose.
Audit Metadata