Skills
skills/leesama/skills/report/Gen Agent Trust Hub

report

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the local git CLI (via child_process.spawnSync) to collect commit history, remote URLs, and configuration settings from repositories on the local filesystem.
  • [DATA_EXPOSURE]: Scans local directories to identify Git repositories and reads commit data (messages, dates, hashes) to produce report files. This behavior is documented and central to the skill's functionality.
  • [INDIRECT_PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection because it processes Git commit messages—which could contain malicious instructions—by passing them to an AI agent for summarization.
  • Ingestion points: Git commit messages retrieved via git log in scripts/weekly.js.
  • Boundary markers: Absent. The prompt template in resources/prompt.txt does not use explicit delimiters or instructions to ignore embedded commands within the commit data.
  • Capability inventory: The skill executes git commands and writes files (.json, .docx) to the local filesystem.
  • Sanitization: No sanitization is performed on the commit messages before they are processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 11, 2026, 01:59 AM