commit-push-pr
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes Git CLI commands to perform repository operations such as git checkout, git add, git commit, and git push based on user requests.
- [PROMPT_INJECTION]: A vulnerability surface for indirect prompt injection exists.
  - Ingestion points: Output from git commands (branch, status, diff) and user inputs for branch names.
  - Boundary markers: None.
  - Capability inventory: Execution of git commands and pushing to remote repositories.
  - Sanitization: No explicit sanitization or escaping of dynamic inputs before shell execution.
- [SAFE]: The skill proactively checks for sensitive files like .env, credentials, and keys, and requires user confirmation before staging them to prevent accidental data exposure.
Audit Metadata