safe-push
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses a variety of standard shell and git commands (
git diff,git log,grep,xargs,sleep) to inspect the repository state and perform auditing. These are used according to the skill's stated purpose of repo hygiene. - [DATA_EXFILTRATION]: While the skill's end goal is to send data to a remote server (
git push), it is explicitly designed as a security gate to prevent accidental data exfiltration. It requires user confirmation and performs comprehensive scans for secrets and PII before any transmission occurs. - [CREDENTIALS_UNSAFE]: The skill contains no hardcoded credentials. It provides an extensive list of regex patterns used to detect and block the push of credentials belonging to various services (AWS, GitHub, Slack, OpenAI, etc.).
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from repository files and commit messages.
- Ingestion points: Data enters the context via
git diff,git log, and direct file reading (git ls-files | xargs grep). - Boundary markers: The skill does not explicitly use LLM-specific boundary markers for this data, but it processes it using pattern-matching shell tools.
- Capability inventory: The skill has the capability to execute shell commands and perform
git pushoperations. - Sanitization: The skill relies on regex pattern matching to identify sensitive content rather than executing or interpreting the untrusted data as instructions.
Audit Metadata