Skills
skills/charlesjones-dev/claude-code-plugins-dev/workflow-ship/Gen Agent Trust Hub

workflow-ship

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute git and GitHub CLI (gh) commands.
  • Evidence: The skill executes commands such as git push, git checkout, and gh pr create to manage the repository state and interact with remote servers.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through the processing of local repository data.
  • Ingestion points: The skill reads output from git diff and git log to provide context for drafting commit messages and Pull Request bodies.
  • Boundary markers: Absent. The instructions do not specify delimiters or warnings to ignore instructions that might be embedded within the code changes being analyzed.
  • Capability inventory: The agent has access to Bash, Edit, Write, and Skill (specifically running /workflow-preflight). These capabilities allow it to modify files, execute system commands, and push changes to remote repositories.
  • Sanitization: The skill includes a basic sanitization rule to avoid committing files that look like secrets (e.g., .env, credentials), which reduces the risk of accidental data exposure.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 28, 2026, 12:48 PM