recomposing-commits
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Executes a comprehensive set of git commands for branch history manipulation, including worktree isolation and resets.
- [PROMPT_INJECTION]: Vulnerable to indirect prompt injection (Category 8) due to processing untrusted repository data.
  1. Ingestion points: 'git log' and 'git diff' outputs in Step 3.
  2. Boundary markers: Absent; diff content is processed directly to identify logical groups.
  3. Capability inventory: 'git commit' and 'git reset --hard' operations via shell.
  4. Sanitization: Relies primarily on the mandatory user review gate in Step 7 rather than programmatic sanitization of commit data or file paths.