git-workflow-helper
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill provides templates for destructive shell commands including git reset --hard, git push --force, and git filter-branch. While these are standard Git operations for workflow management, their inclusion as templates for an AI agent poses a risk of accidental data loss if the agent is allowed to execute them automatically.
- [DATA_EXPOSURE] (INFO): The documentation includes a defensive example of a pre-commit hook designed to detect hardcoded credentials (passwords, API keys) and prevent them from being committed, which is a security best practice.
- [INDIRECT_PROMPT_INJECTION] (LOW):
  - Ingestion points: The skill is designed to process user-provided Git scenarios and potentially repository metadata to suggest commands (e.g., in SKILL.md).
  - Boundary markers: None present. The skill does not instruct the agent to distinguish between legitimate user requests and potentially malicious instructions embedded in Git logs or repository files it might analyze.
  - Capability inventory: Generation of powerful Git commands that modify local and remote repository state.
  - Sanitization: None. It relies on the user to verify the generated commands before execution.
Audit Metadata