commit
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Tags: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes multiple git commands (status, diff, commit, fetch, push) to automate repository management.
- [COMMAND_EXECUTION]: Invokes pnpm scripts such as lint, test, and build, which are defined in the local project's package configuration.
- [COMMAND_EXECUTION]: Grants the agent the authority to delete or consolidate files identified as 'cruft' during workspace tidying.
- [REMOTE_CODE_EXECUTION]: Running pnpm test or build commands can trigger arbitrary code execution defined within the repository's test files or build scripts.
- [DATA_EXFILTRATION]: Performs git push operations, which transmit local codebase changes and potentially sensitive committed data to a remote origin.
- [PROMPT_INJECTION]: Subject to indirect prompt injection because it analyzes untrusted git diff outputs and file contents during the categorization and grouping phases.
  - Ingestion points: git status and git diff outputs processed in the 'Analyze' step.
  - Boundary markers: No delimiters or instructions to ignore embedded commands are present when analyzing diff data.
  - Capability inventory: Shell execution (git, pnpm), file system modification (delete), and network transmission (push).
  - Sanitization: No evidence of sanitization for the data processed during analysis.
Audit Metadata