retrieve-diff-from-commit
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE (NO_CODE, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [NO_CODE]: The skill consists entirely of Markdown documentation and instructions, with no attached scripts, binaries, or automated code files.
- [COMMAND_EXECUTION]: The skill provides the agent with Git command templates (e.g., git diff, git show) to interact with the local filesystem and repository history.
- [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection because it reads and processes commit messages and code diffs which could contain malicious instructions.
- Ingestion points: Local repository content accessed via git diff and git log commands defined in SKILL.md.
- Boundary markers: Absent; there are no instructions to use delimiters or safety warnings for the agent when handling the retrieved output.
- Capability inventory: The skill itself is inert but leverages the agent's Git capabilities to read and summarize code.
- Sanitization: No evidence of sanitization or filtering of the Git output before it is passed to other components in the pipeline.
Audit Metadata