github-evidence-kit
Pass
Audited by Gen Agent Trust Hub on May 31, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local git commands via
subprocess.runinsrc/clients/git.py. This implementation is hardened with a robust set of security overrides (such ascore.fsmonitor=,core.editor=true, andprotocol.ext.allow=never) specifically designed to prevent a repository from executing arbitrary code on the host system during forensic analysis. - [EXTERNAL_DOWNLOADS]: The toolkit connects to legitimate, well-known services for forensic data retrieval, including the GitHub REST API, Google Cloud BigQuery (for GH Archive data), and the Wayback Machine. All remote operations are consistent with the tool's primary function of evidence collection.
- [DATA_EXFILTRATION]: In
src/verifiers/consistency.py, the skill performs HTTP GET requests to verify the availability of evidence URLs. This is an intended functional requirement for forensic verification and does not involve the exfiltration of sensitive local data to unauthorized domains. - [PROMPT_INJECTION]: Keywords and examples related to prompt injection appear in test fixtures and forensic evidence samples (e.g.,
gharchive_amazon_q_timeline_evidence.json). These are static data points used for reconstructing security incident timelines and are not instructions aimed at overriding agent behavior or bypassing safety filters.
Audit Metadata