git-rebase-interactive
Warn
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: MEDIUMCOMMAND_EXECUTION
Full Analysis
- [Dynamic Execution] (MEDIUM): The skill instructs the agent to create executable shell scripts at runtime using a combination of mktemp and cat redirections. This allows for arbitrary code execution based on logic generated during the session. Evidence found in SKILL.md.
- [Privilege Escalation] (MEDIUM): The skill explicitly uses chmod +x to elevate the permissions of the dynamically created temporary file. While necessary for the skill's function, it is a high-risk privilege change for runtime-generated assets. Evidence found in SKILL.md.
- [Indirect Prompt Injection] (LOW): The skill ingests untrusted data from git logs and commit messages to build its todo list. 1. Ingestion point: git log output. 2. Boundary markers: Absent. 3. Capability inventory: File writing, chmod +x, and execution of shell scripts. 4. Sanitization: Absent. A malicious commit message containing shell metacharacters could potentially result in command injection. Evidence found in SKILL.md.
Audit Metadata