git
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill enables an agent to ingest untrusted data from GitHub repositories, such as pull request descriptions or issue comments. This creates a surface for indirect prompt injection. Evidence Chain: 1. Ingestion points:
gh pr view,gh issue view, andgh search. 2. Boundary markers: None specified. 3. Capability inventory:gh pr merge,gh pr comment, andgh api. 4. Sanitization: Not addressed. - [Data Exposure & Exfiltration] (SAFE): The skill correctly identifies sensitive files like
.envfor exclusion in.gitignore. The instructions for usinggh auth tokenare for legitimate programmatic API access and do not involve sending tokens to unauthorized third parties. - [Command Execution] (SAFE): The skill contains standard development commands for Git and the GitHub CLI (e.g.,
git commit,gh pr create). All commands are consistent with the primary purpose of managing a Git-based development workflow.
Audit Metadata