retrospective
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses dynamic context injection (`!git log`) to fetch the last two weeks of commit history. This is a legitimate use of the feature for development-oriented tasks and does not involve exfiltration, sensitive file access, or command injection from user-supplied arguments.
- [SAFE]: The skill interacts with project-specific directories (`production/sprints/`, `production/milestones/`) to read plans and write retrospective reports. These operations are within the expected scope of the tool's functionality.
- [PROMPT_INJECTION]: Indirect prompt injection surface detected. The skill ingests untrusted data from git logs and codebase comments (TODO/FIXME) and possesses file-writing capabilities.
  - Ingestion points: Reads git commit messages via `git log` and codebase content via `Grep`/`Read`.
  - Boundary markers: Absent. The skill does not instruct the agent to ignore instructions embedded in the processed data.
  - Capability inventory: Includes the `Read`, `Glob`, `Grep`, and `Write` tools.
  - Sanitization: Not specified; the agent processes raw data from the codebase and git history.
Audit Metadata