git
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on Bash to perform Git operations such as adding, committing, and pushing changes. This gives the agent direct access to execute shell commands within the repository environment.
- [PROMPT_INJECTION]: There is an indirect prompt injection surface (Category 8) because the skill analyzes repository context and Git state.
  1. Ingestion points: Read operations on repository context and Git state (e.g., file contents, commit history).
  2. Boundary markers: Absent. The instructions do not define clear delimiters for untrusted repository data.
  3. Capability inventory: Subprocess execution via Bash for Git commands and file system access via Read.
  4. Sanitization: The skill mentions validation but lacks specific mechanisms to sanitize repository data before it is processed by the AI or used in commands.