skills/hyperb1iss/hyperskills/git/Gen Agent Trust Hub

git

Warn

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • COMMAND_EXECUTION (MEDIUM): The skill instructs the agent to run npm install or pnpm install after checking out lock files from an external source during conflict resolution.
      • Evidence: git checkout --theirs package-lock.json && npm install.
      • Risk: If an attacker provides a malicious package.json with post-install scripts in a branch or PR, the agent will execute that code when following these instructions.
  • EXTERNAL_DOWNLOADS (LOW): The use of package managers like npm, pnpm, and cargo triggers the download of external dependencies.
      • Evidence: npm install, pnpm install, and cargo generate-lockfile.
  • PROMPT_INJECTION (LOW): The skill is vulnerable to indirect prompt injection via untrusted external data in Git branches.
      • Ingestion points: git checkout --theirs and repository archaeology commands.
      • Boundary markers: None.
      • Capability inventory: npm install, pnpm install, git push, and sops execution.
      • Sanitization: None.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 19, 2026, 08:47 AM