rebase
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes various git commands including
git fetch,git rebase,git checkout, andgit pushto manage repository state.\n- [COMMAND_EXECUTION]: Invokes a local helper script./scripts/agents/tooling/agentTool.tsto determine the repository context.\n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through its interaction with external repository content.\n - Ingestion points: Untrusted data enters the context via
git fetchand the output ofgit statusduring conflict resolution.\n - Boundary markers: There are no delimiters or instructions provided to the agent to disregard embedded instructions within filenames or git metadata.\n
- Capability inventory: The skill has the capability to execute shell commands and modify the filesystem through git operations.\n
- Sanitization: The skill does not perform any sanitization or validation of filenames or repository data before they are used in command execution.
Audit Metadata