progress-archive
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill performs shell operations using Git to stage changes and create commits (
git add,git commit). These operations are conditional upon user confirmation as defined in the execution flow. - [PROMPT_INJECTION]: The skill identifies tasks and metadata by parsing the content of
PROGRESS.md. Since it ingests untrusted data from a project file and uses it to drive subsequent actions, it presents an indirect prompt injection surface. - Ingestion points: Reads the
PROGRESS.mdfile from the project root to detect completed tasks and phases. - Boundary markers: The skill does not define specific boundary markers or instructions to isolate the parsed file content from the agent's internal reasoning.
- Capability inventory: The skill is capable of writing new markdown files to the local file system (
docs/progress/archive/) and executing Git commands. - Sanitization: There is no explicit mechanism for sanitizing task names or descriptions extracted from the file before they are interpolated into commit messages or file paths.
Audit Metadata