Skills
skills/awjreynolds/gadd/gadd-verify/Gen Agent Trust Hub

gadd-verify

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect prompt injection vulnerability surface detected in the data processing workflow.
  • Ingestion points: The skill ingests untrusted text from Work Item bodies, ledger files, GitHub Pull Request metadata, and external issue trackers.
  • Boundary markers: Absent. The instructions do not define delimiters or headers to isolate untrusted data from the agent's instructions.
  • Capability inventory: The skill performs file system reads and writes to local project files (ledger.yml, verification.md) and makes network calls to read pull request metadata. It does not execute arbitrary shell commands.
  • Sanitization: The instructions do not require the sanitization or validation of content retrieved from external trackers or pull request descriptions.
Audit Metadata
Risk Level
SAFE
Analyzed
May 17, 2026, 10:01 AM