Skills
skills/sd0xdev/sd0x-dev-flow/git-profile/Gen Agent Trust Hub

git-profile

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local system commands including git, gpg, and jq to manage identity profiles. All write operations are restricted to the local repository scope (git config --local) and are explicitly gated by user approval via the AskUserQuestion tool.
  • [SAFE]: The script implements a robust integrity check using plan-hash verification. This ensures that the configuration applied during the 'apply' phase exactly matches the plan generated and reviewed by the user during the 'resolve' phase.
  • [SAFE]: Registry management uses atomic writes with temporary files and restricted file permissions (0600), and utilizes directory-based locking to prevent race conditions during concurrent access.
  • [DATA_EXFILTRATION]: No network operations were detected. The skill's activity is confined to local configuration files and the GPG keyring metadata.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 9, 2026, 06:40 AM