branch-finalization
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill utilizes standard development tools (git, npm, cargo, gh) for local repository management. No suspicious commands or privilege escalation attempts were detected.
- DATA_EXFILTRATION (SAFE): Network activity is restricted to git push and gh pr create to the user's configured origin and GitHub. No exfiltration to unknown domains occurs.
- INDIRECT_PROMPT_INJECTION (SAFE): (1) Ingestion points: Local repository metadata like branch names and commit logs. (2) Boundary markers: Present; the skill uses secure quoted heredocs (<<'EOF') when constructing PR bodies to prevent shell expansion of untrusted content. (3) Capability inventory: Shell command execution (test runners) and network access (git/gh). (4) Sanitization: Relies on standard shell quoting and procedural constraints.
- PROMPT_INJECTION (SAFE): The skill contains no instructions designed to bypass agent constraints or safety protocols.