finishing-a-development-branch
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill executes standard git, gh, and language-specific test commands (npm, cargo, pytest, go). These are the primary functions of the skill and do not present unusual risk in a development environment.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill is susceptible to malicious configurations within the repository it operates on, such as a compromised test script in a package.json or Cargo.toml file. Evidence Chain: 1. Ingestion points: Reads command definitions from project configuration files. 2. Boundary markers: None. 3. Capability inventory: Execution of arbitrary shell commands via the test runner. 4. Sanitization: None.
Audit Metadata