committing-changes
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill automatically detects and executes project-specific formatting, linting, and typechecking tools based on project type (SKILL.md). This could lead to the execution of malicious scripts if project configuration files are compromised.\n- [COMMAND_EXECUTION]: Executes version control commands (git, jj) and CI monitoring tools (uv run) on the local system (SKILL.md).\n- [DATA_EXFILTRATION]: Transfers local code changes and commit history to remote servers via 'git push' or 'jj git push' (SKILL.md).\n- [EXTERNAL_DOWNLOADS]: References and executes an external script located at '~/.claude/skills/monitoring-ci/ci-monitor.py' (SKILL.md).\n- [PROMPT_INJECTION]: Vulnerable to indirect prompt injection from codebase content (Category 8).\n
- Ingestion points: Reads project files for diff analysis and permissions configuration in './CLAUDE.md'.\n
- Boundary markers: None implemented for file ingestion.\n
- Capability inventory: Includes file system modification, command execution, and network transmission (git push).\n
- Sanitization: No evidence of input sanitization before processing project data.
Audit Metadata