pre-push-review
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local git commands and project-specific validation tools, including Makefile targets and linters. While these are standard developer tools, they allow for arbitrary command execution based on the repository's configuration.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it reads and processes untrusted data from the repository, such as commit messages, specification documents, and project-specific instructions. Ingestion points: Git commit history, markdown files in the specs/ directory, and project configuration files. Boundary markers: The instructions do not specify any delimiters or warnings to ignore instructions embedded within the analyzed data. Capability inventory: The agent has the ability to execute shell commands (via linters/make) and write files to the local file system. Sanitization: There is no evidence of sanitization or filtering of the content read from the repository files.
Audit Metadata