git-master
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill executes standard Git commands (
git diff,git add,git commit,git push). These operations are consistent with the stated purpose of automating repository updates. - DATA_EXFILTRATION (SAFE): By design, the skill uses
git pushto send local data to a remote repository. This is an intended functionality for a Git management tool and targets user-defined remotes. - PROMPT_INJECTION (LOW): As an Indirect Prompt Injection surface (Category 8), the skill processes untrusted data from
git diff. However, it mitigates risk by requiring the agent to 'show the proposed message before executing the commit,' providing a human-in-the-loop validation step.
Audit Metadata