source-command-audit-whitepapers

Pass

Audited by Gen Agent Trust Hub on May 26, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes git log commands to analyze the commit history of documentation files. This is used to calculate content staleness by comparing the last update date of a document with the repository's commit logs for the main guide. This activity is restricted to local filesystem operations and is necessary for the skill's primary function.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it extracts the date field from the YAML frontmatter of audited .qmd files and interpolates it into a shell command (git log --since="{date}"). Although the skill specifies that the agent should validate the date format (e.g., YYYY-MM-DD), this pattern represents a vulnerability surface if the files being audited contain maliciously crafted metadata.
  • Ingestion points: VERSION file at project root and .qmd files in whitepapers/ and recap-cards/ directories (SKILL.md).
  • Boundary markers: No specific delimiters or safety instructions are used when interpolating the metadata into the shell command.
  • Capability inventory: Shell execution of git log via the agent's command tool.
  • Sanitization: The skill instructs the agent to parse the date and verify it is not in the future, providing a basic layer of validation before command execution.
Audit Metadata
Risk Level
SAFE
Analyzed
May 26, 2026, 10:40 AM
Security Audit — agent-trust-hub — source-command-audit-whitepapers