git-run-checks
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script scripts/run-project-checks.sh executes project-native commands (e.g., make, npm, cargo, pytest) based on repository contents. This is the primary intended behavior for a pre-commit verification tool.
- [PROMPT_INJECTION]: The skill identifies and executes shell commands defined in potentially untrusted project configuration files.
  - Ingestion points: Reads script names and execution logic from package.json, Makefile, and other project manifests.
  - Boundary markers: None present to distinguish between benign and malicious script names within the repository.
  - Capability inventory: Execution of shell commands via a local helper script.
  - Sanitization: None; the utility executes commands directly as defined in the local repository configuration, assuming the integrity of the project files.
Audit Metadata