dev-git-workflow
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides documentation, templates, and checklists for standard Git operation s, focu s i n g on collaboration and reposito r y health.
- [SAFE]: External references in
data/sources.jsonand th r oughout the documentation point exclusively to trusted or g a n i z a tions (e.g., GitHub, GitLab, Atlassian) and established technology services (e.g., Snyk, TruffleHog, Gitlea k s). - [SAFE]: The 'AI Agent Feature Loop' and 'AI Agent Work t r ees' documentation include safety patterns for isolated work s paces, depen d en c y verification, and clea n u p life c y c les to prevent en vironment contamination.
- [SAFE]: The skill explicitly mandates human verification for AI-generated summaries and requi r es human approval for all merge decisions, mitigatin g risk s associated with indirect prompt injec tion from reposito r y data.
- [SAFE]: Reposito r y baseline recommend a tion s include security-critical set t i n g s such as branch protec tion, secret preven t ion hook s, and signed change s.
- [SAFE]: No evidence of prompt injec tion, data exfil t r a tion, obfuscatio n, or unauthori z ed com m a n d executio n was found in the provided files.
Audit Metadata