diff-explain
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns or security risks were identified. The skill's functionality is consistent with its stated purpose as a developer utility.
- [SAFE]: The skill utilizes dynamic context to execute a local shell command (
git diff --stat) when the skill is loaded. This provides the agent with a summary of changes in the current branch to improve its situational awareness without exfiltrating data. - [SAFE]: The skill uses the GitHub CLI (
gh) to fetch pull request data. This is an interaction with a well-known service intended for repository management and is consistent with the skill's purpose. - [PROMPT_INJECTION]: The skill processes untrusted external data from git diffs and pull requests, creating a potential surface for indirect prompt injection.
- Ingestion points: Data enters the context through
git diffandgh pr diffcommand outputs. - Boundary markers: The skill lacks explicit delimiters to isolate diff content or instructions to ignore embedded commands.
- Capability inventory: The skill has access to Bash for specific
gitandghoperations. - Sanitization: No filtering or sanitization of the input content is performed.
Audit Metadata