git-automation
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions were found that attempt to override agent behavior, bypass safety filters, or extract system prompts.
- [Data Exposure & Exfiltration] (SAFE): The skill does not access sensitive local files or perform unauthorized network operations. References to credentials (e.g., $BEADS_API_KEY) are limited to standard environment variable troubleshooting by the user.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill utilizes standard developer tools (Git, NPM). It does not contain patterns for downloading or executing arbitrary scripts from untrusted remote URLs.
- [Indirect Prompt Injection] (LOW): The skill interacts with external data sources like Git commit messages and Beads task tracking.
- Ingestion points: Git commit history and Beads task descriptions in
git-automation. - Boundary markers: None explicitly defined for untrusted data separation.
- Capability inventory: Performs local Git operations (
commit,sync,branch) and updates external task statuses. - Sanitization: Implements strict validation rules for commit messages and atomic commit enforcement to ensure data integrity.
Audit Metadata