git-advanced-workflows
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill provides legitimate guidance on using Git tools like rebase, cherry-pick, and bisect.\n- [COMMAND_EXECUTION]: The skill describes using
git bisect runwith external commands such asnpm testand local scripts like./test.sh. These are standard Git features for automated debugging and do not constitute a security risk in this context.\n- [PROMPT_INJECTION]: The skill involves processing Git commit history, which represents an indirect prompt injection surface.\n - Ingestion points: Git commit messages and file contents processed during history reviews or bisect operations (referenced in SKILL.md).\n
- Boundary markers: No specific delimiters or warnings to ignore embedded instructions are included.\n
- Capability inventory: Git command execution and script execution via
git bisect run(referenced in SKILL.md).\n - Sanitization: No sanitization of Git metadata or commit content is mentioned.
Audit Metadata