branch-name
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes local Git commands (git diff, git log) to gather the necessary context for generating branch names. These commands are used as intended for the skill's primary purpose and do not pose a security risk in this context.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes data from external sources (Git repository logs and diffs). 1. Ingestion points: In rules/branch-name.md, data is ingested via git diff and git log. 2. Boundary markers: No explicit boundary markers or instructions to ignore embedded commands within the diff or logs are present. 3. Capability inventory: The skill performs read-only Git operations and outputs text suggestions. 4. Sanitization: There is no explicit sanitization or filtering of the ingested commit messages or diff content before processing.
Audit Metadata