Skills
skills/0froq/skills/end-my-week/Gen Agent Trust Hub

end-my-week

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the simple-git library to automate version control workflows. It stages files, creates commits with the prefix 'docs(dashboard):', and pushes changes to the configured remote repository ('origin').
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests unstructured data from the user's notes in docs/corpus/ and daily logs. Malicious instructions placed in these files could theoretically influence the AI's weekly summary or review logic.
  • Ingestion points: Reads from docs/corpus/**/*.md, docs/dashboard/weekTasks/, and docs/dashboard/dayTodos/.
  • Boundary markers: The skill uses specific markers (# AI-WEEK-REVIEW-START) to delimit its own generated output, but does not apply strict delimiters or 'ignore' instructions when reading input corpus data.
  • Capability inventory: The skill has permissions to write files to the local disk and push commits to the remote Git repository.
  • Sanitization: No explicit sanitization or filtering is performed on the content of the markdown files before they are processed by the LLM.
  • [SAFE]: The skill operates entirely within the user's specified documentation directories (docs/) and uses standard development tools for automation. The AUTO_APPROVE mode is a user-configurable environment variable for convenience rather than a hidden bypass.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 3, 2026, 07:59 AM