diff-explain

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [SAFE]: No malicious patterns or security risks were identified. The skill's functionality is consistent with its stated purpose as a developer utility.
  • [SAFE]: The skill utilizes dynamic context to execute a local shell command (git diff --stat) when the skill is loaded. This provides the agent with a summary of changes in the current branch to improve its situational awareness without exfiltrating data.
  • [SAFE]: The skill uses the GitHub CLI (gh) to fetch pull request data. This is an interaction with a well-known service intended for repository management and is consistent with the skill's purpose.
  • [PROMPT_INJECTION]: The skill processes untrusted external data from git diffs and pull requests, creating a potential surface for indirect prompt injection.
  • Ingestion points: Data enters the context through git diff and gh pr diff command outputs.
  • Boundary markers: The skill lacks explicit delimiters to isolate diff content or instructions to ignore embedded commands.
  • Capability inventory: The skill has access to Bash for specific git and gh operations.
  • Sanitization: No filtering or sanitization of the input content is performed.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 04:51 PM
Security Audit — agent-trust-hub — diff-explain