yy-frontend-weekly-report

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the git log command to retrieve commit metadata (hashes, dates, and subject lines) for report generation. This is a local, read-only operation and is standard for the skill's primary function.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes untrusted commit messages as input data.
    • Ingestion points: External data is read from the local Git repository history via git log (SKILL.md).
    • Boundary markers: None; commit messages are directly interpolated into the analysis logic without delimiters or warnings to ignore embedded instructions.
    • Capability inventory: Local command execution (git log).
    • Sanitization: No evidence of escaping or filtering of commit message content before processing.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 23, 2026, 12:44 AM