refine
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute a hardcoded
git diffcommand to analyze session changes. This is standard functionality for a development-focused reflection tool.\n- [INDIRECT_PROMPT_INJECTION]: The skill reads existing documentation and other skills to identify areas for improvement. While this represents a surface for indirect prompt injection if those files contain malicious instructions, the impact is limited to text updates within the project's documentation folder.\n - Ingestion points: Reads files from the
docs/directory and other invoked skill files.\n - Boundary markers: None specified in the instructions.\n
- Capability inventory: Execution of
git diffand file-write access to thedocs/directory andCLAUDE.md.\n - Sanitization: No explicit sanitization of input data before processing.
Audit Metadata