skills/windmill-labs/windmill/refine/Gen Agent Trust Hub

refine

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute a hardcoded git diff command to analyze session changes. This is standard functionality for a development-focused reflection tool.\n- [INDIRECT_PROMPT_INJECTION]: The skill reads existing documentation and other skills to identify areas for improvement. While this represents a surface for indirect prompt injection if those files contain malicious instructions, the impact is limited to text updates within the project's documentation folder.\n
  • Ingestion points: Reads files from the docs/ directory and other invoked skill files.\n
  • Boundary markers: None specified in the instructions.\n
  • Capability inventory: Execution of git diff and file-write access to the docs/ directory and CLAUDE.md.\n
  • Sanitization: No explicit sanitization of input data before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
May 5, 2026, 02:11 PM
Security Audit — agent-trust-hub — refine