git-advanced-workflows
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions found that attempt to override agent behavior, bypass safety guidelines, or extract system prompts.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file access (e.g., SSH keys, AWS configs), or network exfiltration patterns detected.
- [Obfuscation] (SAFE): The content is clear and readable with no use of Base64, zero-width characters, or hidden Unicode tags.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill mentions
npm testand./test.shwithin the context ofgit bisect run. These are standard Git debugging workflows and do not involve downloading or executing untrusted remote code. - [Privilege Escalation] (SAFE): No commands for acquiring elevated permissions (like
sudoorchmod 777) are present. - [Persistence Mechanisms] (SAFE): No attempts to modify shell profiles, cron jobs, or system services for persistence.
- [Indirect Prompt Injection] (SAFE): While the skill involves processing Git history, it does not suggest patterns that would ingest untrusted data into a prompt context without boundaries.
Audit Metadata