Skills
skills/ulpi-io/skills/git-merge-expert/Gen Agent Trust Hub

git-merge-expert

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is configured to execute several system-level commands including git, gh (GitHub CLI), npm, and pnpm. These are used for operational tasks like merging, tagging, and running project-defined scripts (build and test).
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and processes untrusted data from Git repositories (conflict markers and PR descriptions). This data could be crafted to manipulate the agent's output or command execution.
  • Ingestion points: File contents during conflict resolution and PR metadata fetched via gh pr view.
  • Boundary markers: Absent; there are no specific instructions to treat content from these sources as data only or to ignore embedded instructions.
  • Capability inventory: The agent can perform significant file system and network operations via git and gh, and execute project code via npm/pnpm.
  • Sanitization: No sanitization or validation of the ingested code or metadata is performed before the agent processes it.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 15, 2026, 01:30 PM