git-workflow
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes multiple Git commands (status, log, pull, checkout, fetch, rebase, push, commit, reset) to manage the repository workflow based on its detected state.
- [EXTERNAL_DOWNLOADS]: Mentions and suggests the installation of the git-filter-repo Python package via pip to facilitate advanced history-clearing operations.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes potentially untrusted data from the local environment (commit messages, diffs, and conflict markers), which could influence the agent's logic.
  - Ingestion points: SKILL.md (via git log, git status, git diff --cached, and conflict marker reading)
  - Boundary markers: Absent. The skill does not use delimiters or instructions to ignore embedded commands in the repo data.
  - Capability inventory: SKILL.md (includes subprocess execution of various git commands and suggestions for package installation)
  - Sanitization: Absent. No evidence of input validation or escaping for the repository-sourced data.
Audit Metadata