Skills
skills/codyswanngt/lisa/git-commit-submit-pr-deploy-and-verify/Gen Agent Trust Hub

git-commit-submit-pr-deploy-and-verify

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill leverages the 'Bash' tool to automate the fixing of deployment errors. This creates a potential surface for indirect prompt injection if the deployment logs or PR comments contain malicious instructions designed to be executed by the agent.
  • Ingestion points: Deployment logs and pull request feedback (implied by the instruction to 'fix anything that breaks with the deploy').
  • Boundary markers: None present; there are no instructions to ignore or treat external input as untrusted.
  • Capability inventory: Access to the 'Bash' tool provides the agent with full subprocess command execution capabilities.
  • Sanitization: No sanitization or validation of external input is specified before passing instructions to the shell.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 28, 2026, 10:30 AM