finishing-a-development-branch
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute standard version control operations (git), GitHub CLI commands (gh), and various language-specific test runners (npm, cargo, pytest, go). These actions are limited to the intended scope of branch lifecycle management.
- [PROMPT_INJECTION]: Analysis of the instructions and metadata revealed no attempts to bypass safety guardrails or hijack agent behavior.
- [DATA_EXFILTRATION]: No patterns of sensitive data access or exfiltration to unauthorized remote servers were detected. The skill only interacts with local project data and the configured Git origin.
- [SAFE]: The skill implements safety-first practices, such as mandatory test checks before merging and explicit user confirmation for destructive actions like deleting branches.
- [SAFE]: Indirect Prompt Injection Assessment:
  1. Ingestion points: Git branch names and test runner outputs (SKILL.md).
  2. Boundary markers: Absent for external tool outputs.
  3. Capability inventory: Branch deletion and PR creation via Bash.
  4. Sanitization: No sanitization is performed on test output or metadata.

  Risk is low as the agent acts within the confines of standard Git operations.