git-strategy-advisor
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- PROMPT_INJECTION (SAFE): The skill's decision logic and example prompts contain no instructions to override safety filters or disregard previous rules.
- DATA_EXPOSURE (SAFE): The skill logic uses repository metrics such as lines and files changed but does not access sensitive system paths or credentials.
- REMOTE_CODE_EXECUTION (SAFE): No remote script downloads or dynamic code execution patterns (eval/exec) are present.
- INDIRECT_PROMPT_INJECTION (LOW): The skill ingests untrusted data from task descriptions and git metadata.
  - Ingestion points: Git status/diff and task descriptions in example prompts.
  - Boundary markers: Absent in prompt interpolation.
  - Capability inventory: Recommendations for git commands (checkout, push, PR).
  - Sanitization: Branch name generation logic applies lowercasing and hyphenation, providing basic sanitization of user input.
- OBFUSCATION (SAFE): No Base64, zero-width characters, or homoglyphs were detected.