git-master
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted data from git logs, diffs, and blame output which could contain malicious instructions designed to influence the agent's behavior.
  - Ingestion points: `git log -p`, `git diff`, and `git blame` output is read into the agent context.
  - Boundary markers: Absent; there are no specific instructions for the agent to ignore instructions embedded within the git data.
  - Capability inventory: The skill can perform `git commit`, `git push`, and `git bisect run` (script execution).
  - Sanitization: The skill proactively filters secret files (like `.env`) but does not sanitize the text content of files for prompt injection patterns.
- [Command Execution] (LOW): The skill utilizes `git bisect run ./test-script.sh`, which executes a local script as part of the debugging process.
  - Evidence: Use of `git bisect run` in History Mode.
  - Context: This is a standard and powerful Git feature required for the skill's archaeology purpose. The severity is low because it targets local repository files rather than remote downloads, and is restricted by the intended primary purpose of the tool.
Audit Metadata