git-expert

Pass

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill operates as a transparent wrapper for the Git CLI, with no evidence of malicious behavior or hidden functionality. It provides high-quality documentation that emphasizes security, such as advising against committing secrets and force-pushing to shared branches.
  • [COMMAND_EXECUTION]: The script scripts/main.cjs executes the git binary using child_process.spawn. It correctly sets shell: false, which is a security best practice that prevents shell injection attacks by ensuring arguments are passed directly to the executable rather than being interpreted by a shell environment.
  • [EXTERNAL_DOWNLOADS]: All external links provided in the SKILL.md are for documentation, installation, and training from well-known and trusted sources, including git-scm.com, atlassian.com, microsoft.com, and github.com. There are no automated scripts that download or execute code from untrusted remote servers.
  • [PROMPT_INJECTION]: The skill instructions do not contain any patterns attempting to override agent safety guidelines or system prompts. The 'Iron Laws' and 'Anti-Patterns' sections reinforce standard security and collaboration practices rather than attempting to manipulate the agent's behavior for malicious purposes.
  • [DATA_EXFILTRATION]: No data exfiltration patterns were found. The skill does not perform any network operations to send data to third-party domains. It explicitly warns users and the agent against committing credentials or sensitive files like .env to the repository history.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 25, 2026, 01:29 PM