verify-changes

Pass

Audited by Gen Agent Trust Hub on Jul 1, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill facilitates indirect prompt injection (Category 8) by providing a workflow where the agent executes commands (e.g., npm run test, python script.py) against potentially untrusted code changes in the project environment.\n- Ingestion points: The agent reads project source files and configuration (e.g., package.json) using the Read and Glob tools to determine which commands to run.\n- Boundary markers: The instructions do not define boundary markers or 'ignore' directives to prevent the agent from obeying instructions embedded within the code it is verifying.\n- Capability inventory: The skill is authorized to use the Bash tool to execute shell commands and Read to access file contents.\n- Sanitization: There are no instructions for sanitizing or validating the content of scripts or command arguments before they are passed to the shell.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 1, 2026, 12:40 PM
Security Audit — agent-trust-hub — verify-changes