reconcile-merge-conflicts
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes Git commands and project-specific scripts found in configuration files like package.json, pyproject.toml, and Cargo.toml.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection. Ingestion points: Conflicts are analyzed via git diff, git log, and raw file content. Boundary markers: Absent. Capability inventory: Local command execution and Git operations. Sanitization: Absent; repository data is processed without validation.
- [EXTERNAL_DOWNLOADS]: The skill performs git fetch to update remote-tracking branches, which is a standard operation for its intended purpose.
Audit Metadata