git-health
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill references a shell script named
git-health.shin the repository base directory, but this file was not included in the analyzed content. - [SAFE]: The documentation contains no evidence of direct prompt injection, obfuscation, hardcoded credentials, or suspicious remote downloads.
- [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection. 1. Ingestion points: Git commit messages, branch names, and hook configurations from a local repository. 2. Boundary markers: None mentioned in the documentation. 3. Capability inventory: Execution of shell commands via the diagnostic script. 4. Sanitization: Cannot be verified as the script source code is absent.
Audit Metadata