fork
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes multiple shell scripts to detect the repository context, including identifying git remotes, current branch names, and parsing owner/repository metadata from URLs.
- [COMMAND_EXECUTION]: Performs discovery of GitHub accounts by querying the GitHub CLI (
gh api user), checking global git configurations, and scanning for GitHub-related environment variables viamise env. - [COMMAND_EXECUTION]: Accesses the local
~/.ssh/configfile specifically to detect configured GitHub SSH hosts usinggrep. This is a limited read operation used solely for environment configuration. - [EXTERNAL_DOWNLOADS]: Includes logic to install
git-townand the GitHub CLI (gh) via the Homebrew package manager (brew install) if they are not detected on the system. These are recognized tools from well-known sources. - [COMMAND_EXECUTION]: Modifies git repository settings, including setting remote URLs and configuring
git-townparameters, after receiving user confirmation. - [SAFE]: The skill implements a mandatory 'Phase 1: GATE' using
AskUserQuestion. This ensures that all findings from the detection phase are presented to the user, and no mutations (such as creating forks or changing remotes) occur without explicit consent.
Audit Metadata