get-unpublished-changes
Pass
Audited by Gen Agent Trust Hub on Jun 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to run the
git diffcommand locally to identify repository changes. This is the primary function of the skill but involves direct interaction with the shell binary. - [PROMPT_INJECTION]: The instructions use authoritative directives such as 'IMMEDIATELY' and 'CRITICAL' to enforce strict output behavior.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes untrusted source code diffs. Ingestion point:
git diffoutput; Boundary markers: Absent; Capability inventory: Shell execution; Sanitization: Absent.
Audit Metadata