up-all
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the `Bash` tool to execute `git diff` and `git log` commands to gather session context from the local repository.
- [DATA_EXFILTRATION]: The skill reads local repository data (file contents, git history, and diffs) and propagates this information to external platforms (Notion and Outline). While this is the intended functionality of a documentation synchronization tool, users should be aware that sensitive information present in the local environment or conversation history could be uploaded to these third-party cloud services.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from multiple sources to perform write operations.
  - Ingestion points: Reads data from `git diff`, `git log`, local repository documentation, Outline wiki pages, and Notion pages.
  - Boundary markers: None. The skill does not implement delimiters or instructions to ignore potential commands embedded within the documentation it reads.
  - Capability inventory: The skill has extensive write capabilities, including local `Write` and `Edit` tools, as well as `mcp-outline__update_document` and `notion__notion-update-page` for external platforms.
  - Sanitization: No sanitization or validation of the ingested content is performed before it is used to update the documentation layers.
Audit Metadata