work-log-writer
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes several local shell commands including
git log,git show,git status,git diff,git config, anddateto gather commit metadata and repository state. These operations are restricted to the local environment to facilitate the work-logging functionality. - [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks. Ingestion points: Untrusted data enters the agent context via
git logandgit showcommands inSKILL.md, which retrieve commit messages and diffs. Boundary markers: No specific delimiters or "ignore embedded instructions" warnings are employed to separate the ingested commit content from the skill's operational logic. Capability inventory: The skill utilizes subprocess calls to thegitanddatebinaries. Sanitization: No evidence of escaping or filtering of external commit content was found before the data is processed into the final markdown list.
Audit Metadata