git-workflow
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill defines several shell command blocks to be executed in the user's terminal. These include standard git operations (`git checkout`, `git commit`, `git status`) and GitHub CLI operations (`gh pr create`). These commands are necessary for the skill's stated purpose of managing version control workflows.
- [PROMPT_INJECTION]: The skill contains templates that interpolate external data (such as specification names, IDs, and summaries) into shell commands. While this follows the primary use-case, it establishes a potential surface for indirect prompt injection if the source data is controlled by a malicious actor.
  - Ingestion points: Data enters the workflow via variables like `identifier`, `name`, and `summary` in `SKILL.md`.
  - Boundary markers: Not explicitly used within the shell command templates.
  - Capability inventory: Capability to execute arbitrary `git` and `gh` commands.
  - Sanitization: The skill relies on the agent's environment to handle input validation and escaping for the generated bash scripts.
Audit Metadata