git-flow-branch-creator
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes several git commands locally, including
git status,git diff, andgit checkout -b. While these are the primary functions of the skill, they involve direct interaction with the system's command line interface. - [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from the local repository which could contain malicious instructions designed to influence the AI's analysis.
- Ingestion points: The skill reads file changes and diffs using
git diffandgit statusas specified in the Workflow section ofSKILL.md. - Boundary markers: No specific delimiters or safety instructions are defined to separate the data being analyzed (the diffs) from the operational instructions.
- Capability inventory: The skill is capable of executing shell commands and creating new branches based on its interpretation of the data.
- Sanitization: There is no evidence of sanitization or validation of the input data from the git diffs before it is used to determine branch names or types.
Audit Metadata