address-findings
Pass
Audited by Gen Agent Trust Hub on Jun 30, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the
entireCLI andgitcommands to manage review trails, check branches, and apply modifications to the codebase.\n- [EXTERNAL_DOWNLOADS]: Retrieves finding data, descriptions, and code patches fromentire.io. This is the vendor's official domain and is necessary for the skill to function as intended.\n- [REMOTE_CODE_EXECUTION]: The skill fetches and appliesunified-diffpatches from a remote source. While this is the core functionality for addressing findings, it allows remote content to modify the local codebase.\n- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it processes natural language finding bodies from external sources.\n - Ingestion points: Finding descriptions and metadata fetched via
entire trail finding listinSKILL.md(Step 3).\n - Boundary markers: Absent; the agent processes finding bodies directly without delimiters or instructions to ignore embedded commands.\n
- Capability inventory: File modification and execution of the
entireCLI tool as defined acrossSKILL.md.\n - Sanitization: No validation or sanitization is performed on the content of the findings before the agent processes them.
Audit Metadata