simplify
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute
git diff --statto identify the scope of files requiring review. - [PROMPT_INJECTION]: The skill processes untrusted source code from the project environment, which creates a surface for indirect prompt injection through malicious comments or code strings.
- Ingestion points: Source code files identified via git history (e.g.,
src/auth.ts,src/utils/parser.ts). - Boundary markers: Absent; there are no instructions to wrap file content in delimiters or ignore embedded instructions within the code.
- Capability inventory: The skill executes shell commands (git) and has the implied capability to write modified code back to the filesystem to apply fixes.
- Sanitization: Absent; the instructions do not include steps to sanitize, validate, or escape the content of the files being analyzed before processing.
Audit Metadata