skills/snailuu/skill/git-exclude/Gen Agent Trust Hub

git-exclude

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE [COMMAND_EXECUTION] [PROMPT_INJECTION]
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to interact with the local file system and Git binary. It performs operations such as checking repository status, reading configuration files, and removing files from the Git index. These actions are aligned with the skill's purpose but involve high-privilege tool usage.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it incorporates untrusted user input into shell commands.
    • Ingestion points: In Step 3, the skill parses user-specified patterns for files, folders, and wildcards.
    • Boundary markers: For multiple rules, the skill uses a heredoc with 'EOF' (Step 5), which acts as a boundary. However, single-line rules are appended using standard echo commands without explicit shell delimiters.
    • Capability inventory: The skill utilizes the Bash tool to execute a variety of commands including git, echo, cat, and rm.
    • Sanitization: The skill performs path normalization (e.g., removing './') but does not describe any logic to escape shell-sensitive characters (like backticks or dollar signs) in the user-provided patterns.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 3, 2026, 04:41 AM