production-audit
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core function of analyzing external, potentially untrusted code and data.
- Ingestion points: The agent ingests data from repositories, pull requests, CI logs, and deployment URLs as described in the 'Evidence Order' section of SKILL.md.
- Boundary markers: The instructions do not specify the use of delimiters or 'ignore' tags to prevent instructions embedded within the analyzed data from influencing the agent's behavior.
- Capability inventory: The skill allows the execution of shell commands (specifically
gitsubcommands) and HTTP/browser checks, which represent a capability surface if an injection occurs. - Sanitization: No explicit sanitization or input validation steps are provided for the external content before it is processed by the agent.
Audit Metadata