git-master
Audited by Socket on Feb 16, 2026
1 alert found:
Security [Skill Scanner]: Skill instructions include directives to hide actions from user

All findings:
[HIGH] autonomy_abuse: Skill instructions include directives to hide actions from user (BH009) [AITech 13.3]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]

This SKILL.md is coherent with its stated purpose as a Git assistant for commits, rebases/squashes, and history searches. It does not contain signs of malware, credential harvesting, or external data exfiltration. The main risk is operational: the commands provided can rewrite history and recommend force-pushing, which can cause data loss or disrupt collaborators if used improperly. Treat this skill as powerful but benign — enforce operational safeguards (confirm before destructive actions, avoid force-pushes without review, run in a safe environment).

LLM verification: This SKILL.md is consistent with its stated purpose: it provides actionable Git commands and policies for committing, rebasing, and history queries. It does not contain network exfiltration, hardcoded secrets, obfuscated code, or external downloads. However, it includes several high-impact and potentially dangerous instructions for history rewriting and force-pushing, and explicitly encourages hiding agent provenance and silently excluding files — behaviors that can be abused to conceal automate