git-squash
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes standard git commands (
checkout,pull,merge,branch,push) to manage the repository state. These actions are necessary for the skill's primary purpose.\n- [PROMPT_INJECTION]: The 'Proceed without confirmation' instruction directs the agent to skip user verification for actions that modify the repository and delete branches.\n- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface via the branch name parameter, which is interpolated into shell commands without explicit sanitization.\n - Ingestion points: Branch name argument in
SKILL.md.\n - Boundary markers: None present.\n
- Capability inventory: Git subprocess calls throughout
SKILL.md.\n - Sanitization: None provided in the instructions.
Audit Metadata