git-branch-pr-workflow
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides standard instructional content for professional Git workflows. It promotes secure practices such as using modern Git commands and linear history.
- [COMMAND_EXECUTION]: The skill includes a Bash script (`scripts/pr-context.sh`) that automates gathering repository metadata (branch information, commit logs, diff statistics) and checks for existing pull requests. These commands run locally, scoped to the repository, and use the well-known tools `git` and the `gh` CLI.
- [PROMPT_INJECTION]: Analysis of the `scripts/pr-context.sh` script identified an ingestion surface for indirect prompt injection: it processes commit messages and diffs, which can contain untrusted instructions. Because the script adds no boundary markers and performs no sanitization, that text reaches the agent verbatim alongside its own instructions. This is a standard risk for development tools, however, and no malicious exploitation patterns were found.
- Ingestion points: `git log` and `git diff` outputs in `scripts/pr-context.sh`.
- Boundary markers: Absent.
- Capability inventory: `Bash` script execution and GitHub MCP tool calls (`mcp__github__*`).
- Sanitization: Absent.
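The two absent controls (boundary markers and sanitization) are the ones a maintainer would add first. The script below is an added example written for this page, not the skill's own `scripts/pr-context.sh`: it collects the same kind of context (commit log and diff stat between two refs) but fences every line of git output between fixed markers and indents any input line that would collide with a marker, so commit text cannot forge an early closing marker and place "instructions" outside the fence. The marker strings, the `wrap_untrusted` and `pr_context` function names, and the default `main`/`HEAD` refs are assumptions of this example.

```shell
#!/bin/sh
# Added example, not the audited skill's scripts/pr-context.sh: gather PR
# context (commit log, diff stat) while fencing the untrusted git output in
# boundary markers so a consuming agent can treat it as data, not instructions.
set -eu

# Marker strings are an assumption; any fixed token the agent is told to
# respect will do, as long as no untrusted line can reproduce it unchanged.
BEGIN_MARK='<<<UNTRUSTED_GIT_OUTPUT'
END_MARK='UNTRUSTED_GIT_OUTPUT>>>'

# wrap_untrusted LABEL: copy stdin to stdout between BEGIN/END markers.
# Minimal sanitization: any input line that starts with either marker is
# indented by one space, so a commit message containing the END marker
# cannot close the fence early.
wrap_untrusted() {
  label=$1
  printf '%s label=%s\n' "$BEGIN_MARK" "$label"
  awk -v b="$BEGIN_MARK" -v e="$END_MARK" \
    'index($0, b) == 1 || index($0, e) == 1 { $0 = " " $0 } { print }'
  printf '%s\n' "$END_MARK"
}

# pr_context BASE HEAD_REF: the metadata the audited script collects, fenced.
# Only the ref names chosen by the operator appear outside the markers; every
# byte that originated in a commit message or diff is inside a fence.
pr_context() {
  base=$1
  head_ref=$2
  printf 'base=%s head=%s\n' "$base" "$head_ref"
  git log --no-color --format='%h %s' "$base..$head_ref" | wrap_untrusted commit_log
  git diff --no-color --stat "$base...$head_ref" | wrap_untrusted diff_stat
}

# Run against the current repository when git and the base ref are available;
# otherwise do nothing, so the functions above can still be sourced and used.
if command -v git >/dev/null 2>&1 \
   && git rev-parse --is-inside-work-tree >/dev/null 2>&1 \
   && git rev-parse --verify --quiet "${1:-main}" >/dev/null; then
  pr_context "${1:-main}" "${2:-HEAD}"
fi
```

Usage: `sh pr-context-fenced.sh main feature/x`. The fence only helps if the prompt that consumes the output tells the model to treat everything between the markers as data; the indentation step is what stops an attacker-controlled commit line from terminating the fence on its own.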
Audit Metadata