quick
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands to gather local git context including branch information and code changes using
git branch,git status,git show-branch,git log, andgit diff(SKILL.md). - [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection because it analyzes untrusted code and has the privilege to perform write and push operations.
- Ingestion points: Untrusted data is ingested from git logs, diffs, and file contents (SKILL.md).
- Boundary markers: No explicit delimiters or instructions are used to separate analyzed code from the agent's core instructions.
- Capability inventory: The skill is capable of modifying files, running tests, staging commits, and pushing changes to remote repositories (SKILL.md).
- Sanitization: No sanitization or filtering of the ingested repository content is performed before processing.
Audit Metadata