Skills
skills/unlearndev/skills/first-five/Gen Agent Trust Hub

first-five

Pass

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it processes untrusted data from git diffs and repository files. 1. Ingestion points: The skill reads file contents and git diff output via Read, Grep, and Glob tools. 2. Boundary markers: Absent; there are no instructions to wrap content in delimiters or ignore instructions found within the scanned code. 3. Capability inventory: The skill has access to Bash (git, find, ls, grep) and file system reading tools. 4. Sanitization: Absent; no escaping or filtering of the processed code is performed.
  • [COMMAND_EXECUTION]: The skill incorporates user-provided input ($ARGUMENTS) directly into shell command instructions such as git diff <base>...HEAD. If the input is not strictly validated by the platform, it provides a surface for command injection through malicious branch names.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 27, 2026, 07:49 PM