Skills
skills/sd0xdev/sd0x-dev-flow/git-investigate/Gen Agent Trust Hub

git-investigate

Pass

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection as it ingests and processes untrusted data from the git repository's history.
  • Ingestion points: Data enters the agent's context through git log, git show, and gh pr view commands defined in references/commands.md.
  • Boundary markers: There are no explicit markers or instructions in the workflow to differentiate between the agent's core instructions and the text retrieved from commit messages or PR descriptions.
  • Capability inventory: The skill utilizes the Bash tool (restricted to git commands), Read, Grep, Glob, and the Agent tool as specified in the allowed-tools of SKILL.md.
  • Sanitization: The skill does not perform sanitization, filtering, or validation on the content retrieved from version control before processing it.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 27, 2026, 01:12 AM
Security Audit — agent-trust-hub — git-investigate