safe-editing
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes standard Git commands (`git worktree`, `git status`, `git rev-parse`) to manage local repository states. These commands are executed within the context of the user's project and do not pose a security risk in this implementation.
- [DATA_EXFILTRATION] (SAFE): Analysis of the workflow shows no attempts to access sensitive files (e.g., SSH keys, credentials) or transmit data to external servers. All operations are local to the Git repository and specified worktree directories.
- [PROMPT_INJECTION] (SAFE): The instructions are purely functional and do not contain patterns designed to bypass AI safety filters or override system instructions.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill ingests user tasks to generate branch names and perform edits.
  - Ingestion points: User-provided task descriptions used to generate branch names in Step 2.
  - Boundary markers: Absent.
  - Capability inventory: Directory traversal (`cd ..`), file system modification via Git worktree, and arbitrary file editing within the worktree.
  - Sanitization: Branch names are sanitized using lowercase kebab-case formatting, reducing the risk of command injection through malformed branch names.
Audit Metadata