skills/yz0812/skills/git-report/Gen Agent Trust Hub

git-report

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local shell commands, specifically git log and git config, to gather the necessary data for generating reports. These operations are limited to accessing repository metadata and current configuration.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes commit messages, which are external strings that could contain instructions intended to manipulate the AI's summarization or formatting logic.
    • Ingestion points: commit messages retrieved via git log (SKILL.md).
    • Boundary markers: The content is interpolated into markdown templates (assets/templates/weekly.md, assets/templates/monthly.md) using placeholders.
    • Capability inventory: Shell command execution (git) and file system read access for templates.
    • Sanitization: No explicit sanitization or instruction-ignoring delimiters are defined, although the skill instructions tell the agent to 'filter noise' and 'beautify' messages.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 24, 2026, 01:07 PM