git-manager
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Python subprocess module to interact with the system Git binary. It follows security best practices by passing arguments as lists rather than strings, which prevents shell injection vulnerabilities. Findings are located in
scripts/commit.pyandscripts/log.py. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it retrieves and displays external data (git logs) which could be manipulated by third parties.
- Ingestion points:
scripts/log.pyingests data from the project's Git commit history. - Boundary markers: None present; the skill does not use delimiters to separate Git log content from agent instructions.
- Capability inventory:
scripts/commit.pyallows the agent to execute Git commit operations. - Sanitization: The skill does not perform any validation or sanitization of the Git log output before it is processed by the agent.
Audit Metadata