finishing-a-development-branch

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local shell commands for version control and testing. This includes 'git', 'npm', 'cargo', 'pytest', 'go', and the GitHub CLI 'gh'. These operations are directly aligned with the skill's stated purpose of branch management and code integration.
  • [COMMAND_EXECUTION]: Protective logic is implemented for destructive operations. For example, deleting a branch requires manual confirmation ('discard'), and local merging is gated by a requirement that the test suite must pass first.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data such as branch names and commit history when generating Pull Request descriptions via the 'gh' CLI.
    • Ingestion points: Local git metadata (branch names, commit lists).
    • Boundary markers: Uses shell heredocs for the PR body, but lacks explicit 'ignore instructions' delimiters for the interpolated content.
    • Capability inventory: Full shell execution via subprocess calls for git and package managers (SKILL.md).
    • Sanitization: No specific sanitization or escaping is performed on branch names or commit messages before they are passed to the shell or PR description.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 02:23 AM