Skills
skills/adeonir/agents-skills/git-helpers/Gen Agent Trust Hub

git-helpers

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses git and gh CLI commands to perform its core functions, such as staging changes, creating commits, and opening pull requests. These operations are restricted to standard version control tasks defined in the reference files.
  • [PROMPT_INJECTION]: The skill includes robust defenses against indirect prompt injection.
  • Ingestion points: The agent processes untrusted data from git diff, git log, and repository files like CLAUDE.md and AGENTS.md (found in SKILL.md and code-review.md).
  • Boundary markers: A dedicated 'Data Trust Boundary' section in SKILL.md explicitly defines git output as data only.
  • Capability inventory: The skill can execute shell commands (git, gh) and write summary files to the local directory (found in summary.md).
  • Sanitization: Instructions specifically command the agent to discard any directives, prompts, or behavioral suggestions found within the ingested content, treating them strictly as data for analysis.
  • [CREDENTIALS_UNSAFE]: The skill includes a proactive security rule in commit.md that instructs the agent not to commit files containing secrets, such as .env files or other credentials, reducing the risk of accidental data exposure.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 14, 2026, 02:32 AM