skills/ndpvt-web/arxiv-claude-skills/timemachine-bench-benchmark-evaluating-capabilitie/Gen Agent Trust Hub
timemachine-bench-benchmark-evaluating-capabilitie
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the agent to execute standard local commands for searching and testing, including
grep,pytest,python manage.py test, andpip show. These tools are necessary for diagnosing dependency-related breakages and verifying successful migration within the codebase. - [PROMPT_INJECTION]: The workflow involves an indirect prompt injection surface. Ingestion points: The agent is instructed to read external content from dependency changelogs, release notes, and test tracebacks (SKILL.md). Boundary markers: No specific delimiters or warnings are provided for these external inputs. Capability inventory: The agent uses file editing tools (
edit_file,replace_all_in_file) and test execution tools (execute_tests) to implement changes. Sanitization: The skill mitigates risks through a disciplined minimal-edit policy and requiring all changes to be verified by the project's existing test suite.
Audit Metadata