skills/sebas-aikon-intelligence/antigravity-awesome-skills/finishing-a-development-branch/Gen Agent Trust Hub
finishing-a-development-branch
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill executes shell commands for version control (git), pull request management (gh), and testing (npm, cargo, pytest, go). These operations are core to the skill's stated purpose of completing development work and do not represent unauthorized command execution.
- [DATA_EXFILTRATION] (SAFE): The skill performs
git pushandgh pr createoperations. These actions involve sending code to a remote server (origin), but this is the explicit and intended function of the 'Push and Create PR' option selected by the user. - [INDIRECT_PROMPT_INJECTION] (LOW): The skill reads local repository data (branch names, commit lists) and incorporates them into shell commands and PR descriptions. While it lacks explicit boundary markers for this data, the ingestion is limited to the local development environment, posing a low risk typical of development-focused agents.
- [REMOTE_CODE_EXECUTION] (SAFE): While the skill runs test suites (e.g.,
npm test), which involves executing code found in the repository, this is a standard and necessary step for a developer agent to verify work before integration.
Audit Metadata