jj-vcs
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE] (SAFE): No malicious code or patterns detected. The skill consists entirely of Markdown documentation and configuration examples for the Jujutsu VCS.\n- [NO_CODE] (SAFE): This skill contains no active code or scripts; it is exclusively a documentation resource.\n- [EXTERNAL_DOWNLOADS] (SAFE): The documentation contains instructions to download the 'jj' binary from its official GitHub repository and via standard package managers (Cargo, Homebrew, Nix). These are standard and legitimate instructions for the tool being documented.\n- [INDIRECT_PROMPT_INJECTION] (SAFE): While the skill describes a system for processing repository data (a potential injection surface), it contains no scripts that automatically ingest untrusted data without user oversight.\n
- Ingestion points: Local repository files during VCS operations.\n
- Boundary markers: The documentation describes the use of standard conflict markers (e.g., <<<<<<<) and structured diffs.\n
- Capability inventory: Command-line version control operations via the 'jj' binary.\n
- Sanitization: Handled by the underlying 'jj' binary during processing.
Audit Metadata