pr-threshold
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill executes local git commands (
git diff,git rev-list) to gather statistics. These are read-only operations on the local repository history and do not involve state-changing or dangerous shell commands. - [DATA_EXFILTRATION] (SAFE): No network operations (e.g., curl, wget) or hardcoded credentials were detected. The skill only processes local metadata.
- [PROMPT_INJECTION] (SAFE): The skill processes untrusted repository data (commit messages and filenames), presenting an indirect prompt injection surface. Evidence Chain: 1. Ingestion points: git diff and git rev-list output (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: Read-only git metrics extraction. 4. Sanitization: The skill uses
wc -landtail -1to reduce text input into numeric metrics, which effectively mitigates the risk of instructions in repository data influencing agent behavior.
Audit Metadata