Skills
skills/0xbigboss/claude-code/git-rebase-sync/Gen Agent Trust Hub

git-rebase-sync

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The skill executes high-impact git commands including git rebase and git push --force-with-lease. These operations modify git history and remote state. While safety rails are present, the tool inherently requires high-privilege write access to the codebase.
  • [PROMPT_INJECTION] (HIGH): High risk of Indirect Prompt Injection (Category 8). The workflow requires the agent to read and 'understand' the content of conflicted files to resolve merges. Maliciously crafted content within those files (e.g., instructions in code comments) could trick the agent into performing incorrect resolutions or bypassing safety rules during the rebase process.
  • Ingestion points: File contents during conflict resolution (git diff, opening files), git status output, and git log output.
  • Boundary markers: Absent; the agent reads raw file content without delimiters or specific ignore instructions for embedded text.
  • Capability inventory: File system modification (git add), history rewriting (git rebase), and network operations (git push, git fetch).
  • Sanitization: No sanitization or filtering of file content is performed before processing or interpreting the 'intent' of the code.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 05:30 AM