git-standards
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill ingests untrusted data from repository files and history which could contain malicious instructions intended to subvert agent behavior. Evidence Chain:
- Ingestion points: The skill instructions direct the agent to read file contents and logs via the git_safe tool.
- Boundary markers: There are no specified delimiters or warnings used to separate analyzed repository data from the agent's instructions.
- Capability inventory: The skill possesses git write capabilities including the ability to add, commit, and push files.
- Sanitization: No procedures are defined for sanitizing or escaping the content read from the repository during the review process.
Audit Metadata