git-workflow
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions designed to override agent behavior or bypass safety protocols were identified.
- [Data Exposure & Exfiltration] (SAFE): The skill does not access sensitive files or perform network operations. It includes a grep-based safety check (
git diff --cached | grep -iE "api[_-]?key|secret|password") specifically intended to help users avoid committing credentials. - [Remote Code Execution] (SAFE): No patterns for downloading or executing remote scripts were found.
- [Command Execution] (SAFE): The skill references standard Git and local npm commands (
lint,test,typecheck) which are typical for developer workflows and do not pose a security risk in this context.
Audit Metadata