commit
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains explicit instructions to override the agent's interaction model, demanding execution without user questioning or confirmation ("지금 즉시 아래 워크플로우를 실행하라. 질문하지 말고 바로 실행하라").
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing untrusted data via variables while possessing write-access capabilities.
- Ingestion points: External untrusted data enters the agent context through the
$ARGUMENTSvariable inSKILL.md. - Boundary markers: There are no delimiters or "ignore embedded instructions" warnings present to isolate the $ARGUMENTS input.
- Capability inventory: The skill executes
git addandgit commitcommands, which provide file system modification capabilities. - Sanitization: The skill does not perform any escaping, validation, or filtering of the external content before processing it.
- [COMMAND_EXECUTION]: The skill executes multiple shell commands to manage the git repository, including
git status,git diff,git add, andgit commit.
Audit Metadata