team-execute
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes git commands (diff, push, add, commit) and file system operations (rm) to manage task states and code changes.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection. Ingestion points: Reads task details from external plan files. Boundary markers: No delimiters are used to separate plan content from agent instructions. Capability inventory: Includes filesystem deletion and git push operations. Sanitization: No content validation or sanitization is performed on ingested data.
Audit Metadata