gitkraken-cli

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through the processing of untrusted repository data.
      • Ingestion points: Commands such as gk ai explain, gk ai changelog, and gk ai commit in SKILL.md ingest git diffs, commit history, and branch content.
      • Boundary markers: The skill does not define boundary markers or provide instructions to the agent to disregard instructions embedded within the processed git data.
      • Capability inventory: The skill possesses capabilities to write to repositories, push code, and create pull requests using commands like gk work push and gk ai pr create.
      • Sanitization: No sanitization or validation of repository content is performed before it is passed to the AI-driven commands.
  • [COMMAND_EXECUTION]: The skill facilitates the execution of the gk (GitKraken) command-line interface. It enables the agent to perform repository management tasks, including pushing code and managing work items, which are triggered based on the agent's interpretation of user goals.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 19, 2026, 08:52 AM