finishing-a-development-branch
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes standard development tools (npm, cargo, pytest, go) and git commands to manage the development lifecycle. These actions are appropriate for the tool's purpose and include user confirmation for destructive actions.
- [PROMPT_INJECTION] (LOW): The skill processes external data from command outputs (test results and git metadata) which could be manipulated to influence agent behavior. 1. Ingestion points: Test suite results in Step 1 and git command results in Steps 2-4 of SKILL.md. 2. Boundary markers: Absent; the instructions do not specify delimiters for command outputs. 3. Capability inventory: Merging code, pushing to remote repositories, deleting branches, and removing worktrees. 4. Sanitization: None; the agent evaluates raw command output to decide workflow progression.
Audit Metadata