rebase-on-main
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to manage git workflows and explicitly uses commands such as git fetch, git checkout, git pull, git rebase, and git push --force-with-lease. These are standard operations for the skill's stated purpose.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) because it reads external data to perform its task.
- Ingestion points: In Step 7, the agent reads 'conflicting files' from the repository to analyze context and resolve conflicts.
- Boundary markers: None provided; there are no instructions to the agent to treat file content as untrusted or to ignore embedded instructions.
- Capability inventory: The agent has the ability to execute git commands and write to the local filesystem (via conflict resolution and git add).
- Sanitization: No sanitization or validation of the content of the conflicting files is performed before the agent processes them.