skills/andurilcode/craftwork/kintsugi/Gen Agent Trust Hub

kintsugi

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes untrusted text from external sources to reconstruct developer history.
      • Ingestion points: The skill reads git commit messages and source code comments (D1 — Scar Discovery) to identify 'bare scars'.
      • Boundary markers: Absent; the instructions do not define delimiters or markers to distinguish between system instructions and processed data.
      • Capability inventory: The skill has the capability to read local files and access git history (SKILL.md).
      • Sanitization: Absent; there is no evidence of input validation or sanitization for the content of the git logs or comments.
  • [COMMAND_EXECUTION]: The skill performs 'git archaeology' (D1), which involves the execution of git commands to retrieve commit history, authors, and dates for analysis.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 2, 2026, 03:01 PM