git
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill defines several shell commands using standard developer tools such as `git`, `npm`, `pnpm`, `cargo`, and `sops`. These commands are used for their intended purpose of repository management and dependency maintenance.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it is designed to process untrusted data from external Git repositories, such as commit messages, file diffs, and source code during conflict resolution.
  - Ingestion points: Git repository data accessed via `git log`, `git blame`, and file contents during merge/rebase operations.
  - Boundary markers: Absent. The instructions do not define specific delimiters to separate untrusted repository content from agent instructions.
  - Capability inventory: Shell execution for Git operations and package manager commands in `SKILL.md`.
  - Sanitization: Absent. There is no evidence of filtering or validation for content ingested from the repository.
Audit Metadata