git-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill is entirely instructional and uses standard, well-known Git and GitHub CLI (
gh) commands to manage repository state. No malicious command injection or external exfiltration patterns were identified. - [DATA_EXFILTRATION] (SAFE): The skill includes explicit security guidelines, instructing the agent to 'Keep secrets, .env files, credentials, and large binaries out of commits' and to warn the user if sensitive files are staged. This is a positive security practice.
- [COMMAND_EXECUTION] (SAFE): The use of commands like
git push --force-with-leaseandgh repo vieware legitimate and appropriate for a Git-focused skill. The instructions explicitly require user confirmation before potentially destructive operations like force-pushing rewritten history. - [PROMPT_INJECTION] (SAFE): The instructions use standard directive language to define the agent's behavior ('Always Active Principles'). There are no attempts to bypass safety filters or ignore system-level constraints.
- [INDIRECT_PROMPT_INJECTION] (SAFE): While the skill interacts with external data (git repository contents and metadata), it does so to format commit messages and PR descriptions. There is no evidence of unsafe interpolation of untrusted data into command execution or logic that could be subverted by a malicious repository.
Audit Metadata