merge-agent
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill performs various shell-based operations for repository management.
- Evidence: Uses git for branch switching, pulling, merging, and pushing (git merge, git push origin main). It also executes build and test scripts (npm test, npm run build).
- Context: These commands are executed based on the state of the repository, which constitutes external input.
- [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection via the code it processes.
- Ingestion points: Code and configuration files (e.g., package.json) from feature branches are pulled and processed during the merge and test phases.
- Boundary markers: The skill does not implement technical sandboxing or delimiters for the commands it runs, relying instead on manual checklist verification.
- Capability inventory: The agent has write access to the main branch and the ability to execute repository scripts.
- Sanitization: Procedural checks such as 'Security Advisor' approval are mentioned in the prompt instructions to mitigate the risk of processing malicious code.
Audit Metadata