skills/epicenterhq/epicenter/git/Gen Agent Trust Hub

git

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides instructions for executing GitHub CLI commands, including the use of the --admin flag during merges (gh pr merge --merge --admin). This flag allows a user with sufficient permissions to bypass branch protection rules, which is a powerful administrative action.
  • [PROMPT_INJECTION]: The skill creates an indirect prompt injection surface by instructing the agent to read and process content from untrusted external sources (GitHub issues and pull requests) to draft descriptions and link issues.
      • Ingestion points: references/github-pr-operations.md (agent is instructed to use gh issue list, gh issue view, and gh pr view to gather context).
      • Boundary markers: The instructions lack explicit delimiters or directions to ignore potential commands embedded within the external content.
      • Capability inventory: The agent has the capability to execute shell commands and write to the repository (git commits, PR creation).
      • Sanitization: There is no specified sanitization or validation of the content retrieved from GitHub before it is incorporated into the agent's context and output.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 16, 2026, 12:25 PM