verify-changes
Pass
Audited by Gen Agent Trust Hub on Jul 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates indirect prompt injection (Category 8) by providing a workflow where the agent executes commands (e.g.,
npm run test,python script.py) against potentially untrusted code changes in the project environment.\n- Ingestion points: The agent reads project source files and configuration (e.g.,package.json) using theReadandGlobtools to determine which commands to run.\n- Boundary markers: The instructions do not define boundary markers or 'ignore' directives to prevent the agent from obeying instructions embedded within the code it is verifying.\n- Capability inventory: The skill is authorized to use theBashtool to execute shell commands andReadto access file contents.\n- Sanitization: There are no instructions for sanitizing or validating the content of scripts or command arguments before they are passed to the shell.
Audit Metadata