Review Changes
Pass
Audited by Gen Agent Trust Hub on Jun 11, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes external code changes, which represents an ingestion surface for indirect prompt injection where instructions could be hidden in code comments or logic. 1. Ingestion points: Untrusted code changes processed via
detect_changes(SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory:detect_changes,get_affected_flows,query_graph,get_impact_radius,get_minimal_context(SKILL.md). 4. Sanitization: No sanitization or validation of the ingested code content is specified.
Audit Metadata