caveman-compress
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Uses standard system utilities including 'git status', 'git diff', 'rg', and 'find' to discover and identify documentation files for processing within the repository.
- [PROMPT_INJECTION]: The skill processes repository-local documentation, which represents a potential surface for indirect prompt injection. This risk is mitigated by the skill's specific transformation rules that focus on linguistic simplification rather than instruction following.
  - Ingestion points: Markdown files (.md, .mdx, .markdown), text files (.txt, .rst), and extensionless notes discovered in the active repository.
  - Boundary markers: Uses markdown headings and standard code block delimiters (fenced and indented) to isolate text from code.
  - Capability inventory: Includes file system discovery via git and ripgrep, and local file modification for text compression.
  - Sanitization: Strictly preserves code blocks, inline code, URLs, and technical terms; explicitly excludes sensitive file types like .env, .json, and .yaml from modification.