skills/getsentry/skills/create-branch/Gen Agent Trust Hub

create-branch

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses local shell commands including git diff, git status, and gh api to gather context about the current project and user. These are standard operations for a development-focused skill.
  • [COMMAND_EXECUTION]: The skill executes git checkout -b to create new branches. This is the primary intended function of the skill and is performed after user confirmation of the branch name.
  • [PROMPT_INJECTION]: The skill reads external data via git diff and git status to generate branch descriptions. While this provides a surface for indirect prompt injection from codebase content, the risk is mitigated by explicit naming constraints (ASCII letters, digits, and hyphens) and the requirement for user confirmation before the branch is actually created.
      • Ingestion points: git diff, git diff --cached, git status --short used in Step 2.
      • Boundary markers: None explicitly used for the diff content.
      • Capability inventory: git checkout -b used in Step 5.
      • Sanitization: Explicit rules for branch names to include only ASCII letters, digits, and hyphens.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 07:57 AM