bail
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes standard developer tools including git and the GitHub CLI (gh) to perform branch management, commits, and issue updates. These actions are aligned with the skill's stated purpose of cleaning up development environments.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection.
  1. Ingestion point: User-provided 'reason' string in SKILL.md.
  2. Boundary markers: Absent.
  3. Capability inventory: Uses git and gh CLI commands to write to GitHub and local Git history as described in SKILL.md.
  4. Sanitization: Absent; the input is directly interpolated into shell strings, which could allow for command injection if the execution environment does not provide its own layer of sanitization.
Audit Metadata