create-branch

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes local command-line tools, specifically git and the GitHub CLI (gh), to perform branch operations and link issues. It executes commands such as gh issue develop and git checkout -b using parameters derived from user input.
  • [PROMPT_INJECTION]: The skill demonstrates an indirect prompt injection surface by processing untrusted user input to form command arguments. This is documented according to the mandatory evidence chain:
      • Ingestion points: User-provided branch descriptions and issue numbers are captured and processed as described in SKILL.md.
      • Boundary markers: No explicit delimiters or boundary markers are defined to isolate user input within the command strings.
      • Capability inventory: The skill possesses the capability to execute shell commands (git and gh) on the local system.
      • Sanitization: rules/branch-naming.md enforces lowercase conversion, replaces spaces/underscores with hyphens, and rejects specific shell and git-sensitive characters including ~, ^, :, ?, *, [, ], \, @{, and ... This significantly reduces the risk of malicious command manipulation.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 8, 2026, 03:30 AM