graphite-stacks
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill is purely instructional, providing guidance on using the legitimate Graphite CLI (
gt) for trunk-based development. - [Indirect Prompt Injection] (LOW): While the skill involves processing local file systems and git repository history (which are technically untrusted inputs), it does not perform unsafe interpolation or assemble commands directly from these sources in a way that would bypass agent safety logic.
- [COMMAND_EXECUTION] (SAFE): The commands listed (
gt create,gt modify,gt submit) are the primary and intended functions of the skill for version control management and do not exhibit malicious intent.
Audit Metadata