git-bisect-debugging
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses git and shell commands to navigate repository history and execute tests.
- [EXTERNAL_DOWNLOADS]: The test script templates suggest using package managers like npm and pip to install dependencies, which involves downloading code from public registries.
- [REMOTE_CODE_EXECUTION]: By running test scripts on various commits, the skill executes code that could be malicious if the repository history is untrusted.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection from repository content.
- Ingestion points: Commit messages, diffs, and test execution logs are read from the git repository into the agent's context.
- Boundary markers: The skill does not define clear delimiters or instructions to ignore instructions within the ingested data.
- Capability inventory: The agent has the ability to execute shell commands, manage files, and launch subagents via the Task tool.
- Sanitization: No evidence of output sanitization or validation of the data retrieved from the repository history before it is processed.
Audit Metadata