lf-git-branch

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes git checkout, fetch, and push commands via the bash tool. These commands are dynamically constructed using variables for directory paths and branch references.
  • [PROMPT_INJECTION]: The skill processes untrusted data that is used to construct shell commands, creating a risk of indirect prompt injection.
    • Ingestion points: Submodule paths are ingested from the project environment in Step 0; the base reference is ingested from user input in Step 3.
    • Boundary markers: No delimiters or warnings are used when interpolating these variables into bash commands.
    • Capability inventory: The skill uses the bash tool, enabling filesystem modifications and network communication via git.
    • Sanitization: The skill validates the branch name in Step 1 but fails to sanitize or escape submodule paths and base references used in Steps 5 and 6.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 6, 2026, 12:15 AM