Skills
skills/kehwar/skills/dev-log/Gen Agent Trust Hub

dev-log

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes shell commands such as git diff, git status, and git log to collect technical context and history for log generation.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it incorporates external data from Git output into its summaries without sanitization.
  • Ingestion points: Data is ingested from git diff, git status, and git log output (SKILL.md).
  • Boundary markers: Absent; there are no instructions to the agent to treat Git output as untrusted or to use specific delimiters.
  • Capability inventory: The skill has file-writing capabilities restricted to the docs/development-log/ directory (SKILL.md).
  • Sanitization: Absent; the skill does not define any methods for filtering or escaping content found in commit messages or code changes.
Audit Metadata
Risk Level
SAFE
Analyzed
May 14, 2026, 09:40 PM
Security Audit — agent-trust-hub — dev-log