progress-brief

Pass

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes git log and git diff commands to retrieve project history and statistics for report generation as described in the Data Collection step.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from git log (commit messages) and the PROGRESS.md file.
      • Ingestion points: Reads task history and project status from PROGRESS.md and commit messages from git log.
      • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are specified in the instructions for processing this external data.
      • Capability inventory: The skill has the ability to write to the filesystem (creating/updating PROGRESS.md and generating report files) and execute shell commands via the git tool.
      • Sanitization: There is no mention of sanitization or validation for the content ingested from the repository's history or local files.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 26, 2026, 02:41 AM