Skills
skills/kamranahmedse/diffity/diffity-tour/Gen Agent Trust Hub

diffity-tour

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the diffity CLI tool and instructs the agent to install it globally via npm install -g diffity if it is not already present. This package is the primary utility for the skill's functionality and is associated with the skill author.\n- [COMMAND_EXECUTION]: The skill performs several shell operations to manage code tours and interact with Git/GitHub. These include: running diffity agent commands to start, step through, and complete tours; using gh auth status, gh repo view, gh pr view, and gh pr diff to handle GitHub Pull Request reviews; executing git log and reading local source files for code research; and launching a local web server and opening the browser via the open command.\n- [DATA_EXFILTRATION]: The skill accesses GitHub metadata and repository content. This is consistent with its stated purpose of creating code tours and reviewing PRs. It uses the official GitHub CLI tool (gh) for authenticated access to the user's data.\n- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes untrusted data from the codebase and GitHub PR descriptions.\n
  • Ingestion points: Source files in the repository, PR title/body/comments via gh pr view, and PR diffs via gh pr diff (SKILL.md).\n
  • Boundary markers: Not present; untrusted data from the environment is processed directly to generate tour narratives.\n
  • Capability inventory: The agent utilizes a bash tool to execute CLI commands (diffity, gh, git) and an open tool to trigger browser navigation.\n
  • Sanitization: No explicit sanitization or filtering of codebase content or PR metadata is described before these inputs are used to form the tour's narrative.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 24, 2026, 01:21 PM