analyzing-recent-project-state

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references a predefined list of documentation URLs from well-known and trusted organizations, including Google, Microsoft, GitHub, and OWASP. These fetches are used strictly for referencing industry-standard practices and do not involve the execution of remote code.
  • [COMMAND_EXECUTION]: The skill utilizes local, read-only Git commands to collect project evidence. It explicitly prohibits repository mutation, remote fetching, or the execution of administrative commands, maintaining a strict read-only posture.
  • [DATA_EXFILTRATION]: While the skill processes project history and source code, it includes multiple layers of protection to prevent the leakage of sensitive data. It instructs the agent to treat all retrieved content as data for summarization, and a dedicated verification subagent ensures that raw diffs, secrets, and full command outputs are excluded from the final user-facing report.
  • [INDIRECT_PROMPT_INJECTION]: The skill addresses the risk of processing untrusted data (like commit messages) by implementing strict boundary instructions and an independent verification phase. This ensures that the agent follows its internal logic rather than any instructions that might be embedded in the analyzed code or history.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 06:40 AM
Security Audit — agent-trust-hub — analyzing-recent-project-state