sem-semantic-diff

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use the sem CLI utility for structural codebase analysis, including commands for diffing, impact analysis, and dependency graphing.
  • [PROMPT_INJECTION]: The skill processes content from the local codebase through commands like sem entities and sem context, which introduces a surface for indirect prompt injection if analyzed files contain malicious instructions.
    • Ingestion points: sem entities, sem diff, sem context, and sem blame outputs in SKILL.md.
    • Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded code comments.
    • Capability inventory: Shell command execution for the sem tool across all listed commands.
    • Sanitization: No sanitization logic is provided for the codebase content retrieved by the CLI.
Audit Metadata
Risk Level: SAFE
Analyzed: May 14, 2026, 12:43 AM