branch-create
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local system commands `gh issue view <number>` and `git checkout -b <branch-name>`. These commands use parameters derived from user input.
- [PROMPT_INJECTION]: The skill ingests untrusted data to generate branch names and verify issues.
  1. Ingestion points: User-provided issue numbers, descriptions, and data returned from the GitHub CLI.
  2. Boundary markers: No explicit delimiters are used in the workflow.
  3. Capability inventory: The skill can read issue data and modify local Git state (branch creation).
  4. Sanitization: The workflow includes a specific step to generate the branch name by converting descriptions to lowercase kebab-case and removing special characters, which serves as a mitigation against shell command injection via the branch name.
Audit Metadata