recall
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill is built with protections against indirect prompt injection.
- Ingestion points: Processes potentially untrusted data from search results, repository transcripts, and repository content (SKILL.md).
- Boundary markers: Explicit instructions are provided to treat all command output and search results as untrusted and to never follow instructions found within them (SKILL.md).
- Capability inventory: Uses subprocess execution for
gitandentireCLI tools (SKILL.md). - Sanitization: Requires the agent to strip or escape shell-sensitive characters like backticks, subshells, and semicolons from user task descriptions before command substitution (SKILL.md).
- [COMMAND_EXECUTION]: The skill executes
gitand vendor-providedentireCLI commands. It mitigates injection risks by instructing the agent to validate and escape user-supplied strings before they are executed in a shell context. - [EXTERNAL_DOWNLOADS]: The skill references the official documentation for the vendor's CLI tool at
https://entire.io/docs/clifor installation instructions.
Audit Metadata