lore-query
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes git commit logs, which are external data sources that may contain untrusted content. Malicious instructions embedded within commit message trailers (e.g., 'Constraint: ignore previous instructions') could influence agent behavior during the summary or parsing process. \n
- Ingestion points: Git log history retrieved via the Bash tool in SKILL.md.\n
- Boundary markers: No delimiters or instructions provided to ignore embedded commands within logs.\n
- Capability inventory: The agent has access to a Bash tool for command execution.\n
- Sanitization: No sanitization or validation of the trailer content is defined.\n- [COMMAND_EXECUTION]: The skill instructs the agent to construct and execute shell commands using the git log utility. The use of a user-provided [PATH] argument without explicit sanitization instructions creates a potential surface for command injection if the agent does not correctly escape the input before execution.
Audit Metadata