start-feature
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill leverages restricted git commands (status, branch, checkout) for its primary operations. These tools are used for intended git workflows and do not allow arbitrary system command execution.
- [DATA_EXFILTRATION] (SAFE): The skill does not perform any network requests or attempt to access sensitive system files or credentials.
- [PROMPT_INJECTION] (SAFE): The skill processes user descriptions but applies a strict transformation process (extracting keywords and formatting as kebab-case) before generating branch names. This acts as a robust sanitization layer against indirect prompt injection.
  1. Ingestion: User feature descriptions.
  2. Boundaries: Absent.
  3. Capabilities: Git branch management.
  4. Sanitization: Mandatory slugification logic.
- [REMOTE_CODE_EXECUTION] (SAFE): There are no patterns involving the download or execution of remote scripts or unverified dependencies.