retrospective
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes `git log` to retrieve recent commit messages, which are used to generate the 'What Got Done' section of the retrospective.
- [COMMAND_EXECUTION]: Shell commands including `mkdir -p` and `readlink` are used to manage local directory structures for saving retrospective files.
- [PROMPT_INJECTION]: Ingests commit messages from `git log`, creating a surface for indirect prompt injection if the commit history contains malicious instructions.

Evidence Chain:
- Ingestion points: Commit messages retrieved via `git log --oneline -10` in SKILL.md.
- Boundary markers: Absent; commit content is directly incorporated into the session summary prompt.
- Capability inventory: File system writing and execution of the `arra_learn` tool as defined in SKILL.md.
- Sanitization: None; the skill does not filter or sanitize commit message content before processing.
Audit Metadata