ship-focus
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes potentially untrusted data by analyzing the repository's source code and git history.
- Ingestion points: The agent reads file content and git diff output in SKILL.md under 'Examine what's actually changed'.
- Boundary markers: No specific delimiters or 'ignore' instructions are defined for the ingested code content.
- Capability inventory: The skill uses Bash, Read, Glob, Grep, and AskUserQuestion tools.
- Sanitization: No explicit sanitization or validation of the ingested code content is performed before analysis.
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute standard git commands (git diff, git status, git diff --stat) to understand the project scope. This behavior is consistent with the skill's purpose as a development aid.
Audit Metadata