tracing-knowledge-lineages
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill possesses an attack surface for indirect prompt injection by design.
  1. Ingestion points: Project documentation (e.g., docs/ ADRs) and git history (git logs).
  2. Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore potentially malicious content within these sources.
  3. Capability inventory: The skill utilizes shell commands for git operations.
  4. Sanitization: There is no process for sanitizing or escaping the content retrieved from git or documentation files.
- Command Execution (SAFE): The skill recommends using standard git commands (log, blame) to investigate the evolution of codebases. These are read-only operations that are necessary and appropriate for the skill's stated objective.