Skills
skills/lobbi-docs/claude/gitworfkflows/Gen Agent Trust Hub

gitworfkflows

Pass

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The skill requests the Bash tool to execute Git and GitHub CLI (gh) commands. The provided examples are standard operations for repository management and version control.
  • [DATA_EXPOSURE & EXFILTRATION] (SAFE): The skill references sensitive file patterns such as .env, .key, and credentials.json, but strictly in the context of a .gitignore template. This is a best-practice security measure intended to prevent accidental exposure of secrets.
  • [INDIRECT PROMPT INJECTION] (LOW): The skill provides tools to ingest content from external sources (e.g., pull request descriptions, commit messages, and issues) which could theoretically contain malicious instructions.
  • Ingestion points: Pull request bodies, issue titles, and git logs retrieved via the GitHub CLI and Git.
  • Boundary markers: None identified in the instructional content.
  • Capability inventory: The agent has Bash and Write capabilities, allowing it to act on instructions found in the data.
  • Sanitization: No specific sanitization or filtering logic is provided within the skill for external data.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 21, 2026, 07:16 AM