sync-ag-shared

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE · COMMAND_EXECUTION · PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes various Git, Yarn, and GitHub CLI (gh) commands to manage repository synchronization and pull request creation. This includes operations across sibling directories discovered at runtime.
  • [COMMAND_EXECUTION]: Executes local shell scripts provided within the repository ecosystem, such as setup-prompts.sh and verify-rulesync.sh.
  • [PROMPT_INJECTION]: Utilizes an AI sub-agent to analyze Git diffs and logs, which introduces an indirect prompt injection surface. Malicious repository content could potentially influence the sub-agent's interpretation of changes.
      • Ingestion points: git diff and git log output in Step 2.
      • Boundary markers: Not specified in the instruction logic.
      • Capability inventory: Includes full command execution, repository modification, and PR orchestration.
      • Sanitization: No explicit sanitization of repository data before processing.
  • [COMMAND_EXECUTION]: Explicitly removes Git index lock files (index.lock) from the file system to recover from interrupted subrepo operations.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 12, 2026, 05:44 PM