git-automation
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (PROMPT_INJECTION)
Full Analysis
- Indirect Prompt Injection (HIGH): The skill identifies as a repository orchestrator that processes untrusted data with high-privilege capabilities.
  * Ingestion points: Processes 'Bug Templates', 'Feature Specs', and Pull Requests (via 'AI Reviewers').
  * Boundary markers: Absent; no delimiters are specified in SKILL.md to isolate untrusted data from instructions.
  * Capability inventory: Includes 'Workflow Orchestration', 'Repository Hygiene' (pruning/cleanup), and execution of 'Automation Toolkit' scripts.
  * Sanitization: Absent; no input validation or content filtering is described for external data ingestion.
Recommendations
- AI detected serious security threats
Audit Metadata