cmd-pr-conflict-resolver
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local commands including `git status`, `git diff`, `git log`, and `ripgrep` (`rg`). These tools are used for repository analysis and are appropriate for the task of conflict resolution within a local development environment.
- [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection (Category 8) by reading and acting upon untrusted data from the repository.
  * Ingestion points: The agent reads file contents and git log history in Step 3 ('Build Context Per Conflict').
  * Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore or isolate potentially malicious instructions embedded in the source code or commit messages.
  * Capability inventory: The agent is authorized to modify the local filesystem by resolving conflict markers and to stage files using `git add` in Step 6.
  * Sanitization: No evidence of content sanitization, validation, or filtering is present for the data ingested from the repository before it is processed by the agent.
Audit Metadata