git-workflow
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to perform standard Git operations for local repository management, such as
git branch,git checkout,git fetch, andgit push. These are necessary for the described workflow. - [COMMAND_EXECUTION]: Pull request creation is handled through the GitHub CLI (
gh), using structured templates and safe heredoc syntax for constructing command arguments. - [COMMAND_EXECUTION]: The workflow includes verification steps using
makecommands (e.g.,make go-lint,make go-test,make shfmt) to ensure code quality and correctness before commits are finalized. - [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it processes local repository files and executes build tools based on project configuration.
- Ingestion points: Local source code files, Makefiles, and repository configuration.
- Boundary markers: None explicitly defined for file content processing within the shell instructions.
- Capability inventory: Executes
git,gh, andmakesubprocesses. - Sanitization: Relies on the security of the developer's toolchain and the agent's internal safety constraints.
- [SAFE]: No evidence of malicious behavior, prompt injection, data exfiltration, or obfuscation was found. The skill adheres to common development practices and promotes repository safety by preventing direct commits to the main branch.
Audit Metadata