work-explainer
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions direct the agent to analyze the project's history using
git diffandgit log. This is a standard operation for a development-focused assistant to understand code changes. - [DATA_EXPOSURE]: To provide accurate explanations, the skill reads commit history and conversation logs. The gathered information is processed locally to create documentation within the workspace's sub-directory, with no evidence of external transmission.
- [PROMPT_INJECTION]: The skill processes untrusted input from git commits and previous user interactions. While this represents a surface for indirect prompt injection (Category 8), the risk is negligible as the skill only outputs local text files and explicitly restricts further model calls through its frontmatter configuration.
Audit Metadata