Skills
skills/xmx0632/claude-code-demo/sdlc-retro/Gen Agent Trust Hub

sdlc-retro

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute a series of git log, git config, and find commands to extract metrics, identify authors, and analyze file hot-spots.
  • [DATA_EXFILTRATION]: The skill accesses sensitive identity data including developer names and email addresses via git config user.name, git config user.email, and git log. This information is used to personalize reports and track contributions. The processed results are stored in local JSON files within .context/retros/ and are not sent to any external network destinations.
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as it ingests untrusted data from the repository environment to generate its narrative report.
  • Ingestion points: Reads commit messages, author names, and the contents of TODOS.md (Step 1, Step 2).
  • Boundary markers: Absent; the instructions do not specify delimiters or warnings for the model to ignore embedded instructions within commit logs.
  • Capability inventory: The agent has access to Bash (system commands), Read, and Write tools.
  • Sanitization: Absent; the skill directly processes the extracted text to infer the importance and nature of contributions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 24, 2026, 03:30 AM