Skills
skills/withqwerty/ship/ship-debrief/Gen Agent Trust Hub

ship-debrief

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to access git logs and history for the last 7 days. This is used to understand the timeline and nature of work performed.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and interprets data from git history, which is partially attacker-controlled via commit messages.
  • Ingestion points: Git commit history and branch data are read via the Bash tool in the 'Review recent work' step.
  • Boundary markers: No explicit delimiters or instructions are used to separate untrusted git data from the agent's core instructions, nor are there warnings to ignore embedded commands.
  • Capability inventory: The skill is granted Bash, Write, Read, Glob, and Grep tools, which could be abused if an injection is successful.
  • Sanitization: No sanitization, escaping, or filtering of the retrieved git history is performed before the LLM processes it.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 8, 2026, 01:23 AM