wjs-auditing-project

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes multiple bash commands to perform a read-only audit of the local development environment, including git status, branch tracking, stash lists, and system log files (DiagnosticReports). Evidence found in Phase 1 of SKILL.md.
  • [EXTERNAL_DOWNLOADS]: The skill uses the gh command-line tool to fetch data from GitHub APIs, including pull request details, CI run conclusions, and failed check logs. Evidence found in Phase 1 sections B and C of SKILL.md.
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks.
      • Ingestion points: The agent reads pull request titles, bodies, and failed CI logs from GitHub via gh pr list and gh run view in SKILL.md Phase 1.
      • Boundary markers: Absent. No explicit instructions are provided to the model to ignore instructions found within processed external content.
      • Capability inventory: The agent has capabilities to edit local files, create/merge pull requests, and tag git releases as described in SKILL.md Phase 2.
      • Sanitization: Absent. External content from GitHub and local documentation files is processed without validation or sanitization before interpolation into the agent's context.
Audit Metadata
Risk Level: SAFE
Analyzed: May 15, 2026, 09:47 PM