cost-estimate
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The helper scripts
loc_counter.pyandgit_session_analyzer.pyexecute git commands viasubprocess.run. These calls use list-based arguments and avoid shell interpretation, making them safe from command injection.\n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) as it processes external repository data.\n - Ingestion points: File paths and commit subjects are read into the agent's context during analysis by
loc_counter.pyandgit_session_analyzer.py.\n - Boundary markers: The skill does not implement explicit delimiters or warnings between the analyzed data and the final report output.\n
- Capability inventory: Local file reading and git command execution are the primary capabilities across the helper toolchain.\n
- Sanitization: The scripts use basic error replacement for decoding issues during file operations, though they do not actively filter for instruction-like strings in metadata.\n- [SAFE]: No hardcoded credentials, remote downloads, or unauthorized network operations were detected in the skill instructions or scripts. All operations trace back to legitimate repository analysis functionality.
Audit Metadata