git-workflow
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
PROMPT_INJECTION, NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection attack surface.
  - Ingestion points: The skill ingests data from 'git status' output and repository file listings.
  - Boundary markers: There are no cryptographic or strict structural delimiters used to separate external repository data from internal agent instructions.
  - Capability inventory: The skill is capable of performing repository modifications via 'git commit' and network operations via 'git push'.
  - Sanitization: The skill relies on natural language instructions and manual user confirmation rather than automated sanitization of external input.
- [NO_CODE]: The primary logic for the Git workflow is executed via a Python script 'scripts/git_commit.py' which is referenced in the documentation but not included in the provided skill files for technical review.
Audit Metadata