recovering-from-bad-git-state
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (LOW): The skill documentation includes commands for manual repository repair, such as
rm -rf .git/worktrees/<worktree-name>and direct modification of.git/HEAD. These operations bypass Git's internal safety checks and could lead to unintended data deletion if provided with incorrect parameters. - PROMPT_INJECTION (LOW): The skill exhibits an indirect prompt injection surface by ingesting data from external tools like
gh pr viewand Git status commands and interpolating them into destructive actions. - Ingestion points:
git worktree list,gh pr viewoutput (SKILL.md). - Boundary markers: Absent.
- Capability inventory:
rm -rf,git branch -D,git push --delete(SKILL.md). - Sanitization: Absent.
Audit Metadata