stashing

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes multiple internal shell scripts located in ${CLAUDE_PLUGIN_ROOT}/scripts/ to manage file stashing, state checking, and project resets.
  • [COMMAND_EXECUTION]: Uses git diff --stat to identify changes in the repository when resuming from a stash.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting the contents of snapshot.md and legacy markdown files during the resume protocol. Ingestion points: SKILL.md (reads local stash files). Boundary markers: None identified. Capability inventory: Includes shell script execution and file system operations defined in SKILL.md. Sanitization: None implemented.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 05:55 PM
Security Audit — agent-trust-hub — stashing