git-master
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute various shell commands for repository management.
- Evidence: The script includes numerous git commands such as git status, git diff, git log, git rebase, and git commit within bash execution blocks.
- [PROMPT_INJECTION]: The skill uses strong, imperative language to override default behaviors and enforce a specific workflow.
- Evidence: The use of terms like HARD RULE, NON-NEGOTIABLE, and AUTOMATIC FAILURE are intended to mandate that the agent creates multiple atomic commits rather than single large ones.
- [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection because it processes repository data.
- Ingestion points: The skill analyzes git log messages and file contents during rebase operations.
- Boundary markers: No delimiters or instructions were found that tell the agent to ignore instructions embedded in the logs or file data.
- Capability inventory: The agent is authorized to execute shell-based git commands.
- Sanitization: There is no evidence of filtering or sanitizing the data ingested from the git repository history.
Audit Metadata