finishing-a-development-branch
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes standard development commands such as git, npm test, cargo test, and gh. These commands are necessary for the skill's stated purpose of branch management and do not exhibit malicious patterns.
- [PROMPT_INJECTION]: No evidence of prompt injection was found. The instructions provide clear, structured guidance for a development workflow without attempting to override system constraints or bypass safety filters.
- [DATA_EXFILTRATION]: No data exfiltration patterns or hardcoded credentials were detected. Network-related operations are limited to standard git (push) and GitHub CLI (pr create) operations targeted at the user's own repository.
- [REMOTE_CODE_EXECUTION]: The skill does not download or execute code from remote or untrusted sources. All execution is restricted to local environment tools typical for software development.
- [INDIRECT_PROMPT_INJECTION]: The skill has an ingestion surface for untrusted data, though no specific exploit was found.
- Ingestion points: Test suite output (Step 1) and git command output (Step 2, 5).
- Boundary markers: Absent; the skill directly evaluates command exit codes and output strings.
- Capability inventory: Shell command execution (git, npm, gh, cargo, pytest, go), file reading (Step 4, Option 2).
- Sanitization: Absent; uses simple string interpolation for branch names and PR bodies.
Audit Metadata