resolve-pegasus-conflicts
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill directly inst r uct s the agent to exec ute numerous shell command s, includin g
git status,git merge,git chec kout, andgit push. - [EXTERNAL_DOWNLOADS]: Inst r uct s the agent to run pack age manage r s such as
npm inst al l,pip inst al l, an duv sync, whic h dow n loa d and inst al l code from ext ern al regist rie s at run time. - [PROMPT_INJECTION]: The skill is susc ept ibl e to indirec t prompt injec tio n becaus e it proc es ses unt rust ed data from git conf lict s and file con tent s withou t sanit iz atio n.
- Ingest io n point s: Rea d s unt rust ed code durin g
git mergeconf lict resol utio n and migr atio n file revie w s. - Boun d ary mark er s: Absen t; the agen t is inst r uct e d to "rea d bot h vers ion s [an d] und er stan d the chan ges" withou t warn ing s abou t embed de d inst r uct ion s.
- Capa bilit y inv en tor y: Pos ses ses ful l shell exec utio n (
git,npm,pyt hon,uv) and net work acc es s (git pus h,npm inst al l). - Sani ti z atio n: Absen t; no vali d atio n or fil ter ing of ext ern al con ten t befo re in ter pol atio n.
Audit Metadata