only-you
Pass
Audited by Gen Agent Trust Hub on Jul 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill consists of high-level reasoning instructions and strategic guidelines. It does not include executable scripts, hardcoded credentials, or external network dependencies.
- [COMMAND_EXECUTION]: The instructions direct the agent to use 'git log' to analyze the history and values of a repository. This is a standard, low-risk operation intended for project context gathering.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection due to its core function of analyzing untrusted repository data.
- Ingestion points: The skill instructs the agent to read repository files and git history (SKILL.md).
- Boundary markers: No specific delimiters or isolation instructions are used to distinguish between repository content and the agent's internal instructions.
- Capability inventory: The skill uses 'git log' for reconnaissance and is designed to lead into task execution once user permission is granted.
- Sanitization: There are no explicit steps provided for sanitizing or validating the content retrieved from the repository files.
Audit Metadata