task-complete
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill reads the 'task.md' file to generate titles and descriptions for pull requests, which creates an indirect prompt injection surface.
- Ingestion points: Repository file 'task.md'.
- Boundary markers: No delimiters or instructions to ignore embedded commands are present in the prompt.
- Capability inventory: The skill can commit changes, delete the 'task.md' file, and push to remote repositories.
- Sanitization: No sanitization is performed on the file content before it is processed by the agent.
Audit Metadata