Skills
skills/hummer98/cmux-team/dockeeper/Gen Agent Trust Hub

dockeeper

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes git log and python3 to analyze the repository's commit history and parse local task data in .team/task-state.json.\n- [PROMPT_INJECTION]: The skill represents an indirect prompt injection surface as it ingests content from git commit messages and task description files (.team/tasks/*.md) to determine documentation updates.\n
  • Ingestion points: Data is pulled from git logs and markdown files in the .team/tasks/ directory.\n
  • Boundary markers: The skill does not define clear boundaries or instructions for the agent to ignore potentially malicious directions within the processed files.\n
  • Capability inventory: The agent has the ability to write to documentation files in the docs/spec/ folder based on its interpretation of the ingested data.\n
  • Sanitization: There is no evidence of sanitization or filtering applied to text retrieved from commit logs or task files.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 9, 2026, 02:51 PM