github-flow
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious patterns or security risks were identified in the provided skill files.
- [COMMAND_EXECUTION] (LOW): The skill suggests standard Git commands for the user to run. While it involves command execution, these are legitimate for the skill's purpose and do not perform unauthorized actions.
- [Indirect Prompt Injection] (LOW): The skill processes external data such as branch names and PR content which could be manipulated, though this is a standard risk for version control assistants. Evidence Chain:
  1. Ingestion points: Git branch names and PR descriptions.
  2. Boundary markers: Absent.
  3. Capability inventory: Git command execution (git checkout, git pull, git push).
  4. Sanitization: Absent; the skill relies on the user or agent to provide valid branch names.