finishing-a-development-branch
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill utilizes standard software development tools including git, npm, cargo, and pytest. These commands are executed locally to manage the development lifecycle and are consistent with the skill's stated purpose.
- PROMPT_INJECTION (SAFE): There are no detected patterns of prompt injection, jailbreaking, or attempts to bypass AI safety constraints. The instructions are focused on guiding the agent through a logical git workflow.
- DATA_EXFILTRATION (SAFE): Network operations are confined to standard git and GitHub CLI interactions (git push, gh pr create) directed at the user's configured repository origins.
- INDIRECT_PROMPT_INJECTION (SAFE): The skill handles repository metadata such as branch names and commit history. It follows security best practices by using quoted heredocs in shell commands to prevent unintended variable expansion or command injection from external repository data.
  - Ingestion points: git branch names and commit messages.
  - Boundary markers: quoted heredoc tags ('EOF').
  - Capability inventory: shell execution (git, npm, gh).
  - Sanitization: shell-safe quoting for interpolated variables.