merge
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes various Git commands (`git commit`, `git rebase`, `git config`) and an external CLI utility named `workmux` via the Bash tool. These commands are used to manage the local development workflow and repository state.
- [INDIRECT_PROMPT_INJECTION]: The skill uses data derived from the local environment to construct shell commands, which presents a surface for potential injection if environment data (like branch names) is maliciously crafted.
  - Ingestion points: Git branch names (retrieved via `git branch --show-current`) and local Git configuration values (retrieved via `git config`) are used as variables.
  - Boundary markers: There are no explicit delimiters or sanitization steps used when interpolating these variables into command strings.
  - Capability inventory: The skill is granted access to the `Bash` tool, allowing it to execute the constructed strings in a shell environment.
  - Sanitization: The instructions do not include validation or escaping for the branch names or configuration values before they are passed to the shell.
Audit Metadata