graphite
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious behavior, obfuscation, or persistence mechanisms were detected. The skill's content is entirely consistent with its stated purpose of providing documentation for the Graphite CLI.
- [EXTERNAL_DOWNLOADS] (LOW): The skill points to official documentation at graphite.com and provides standard Homebrew installation instructions. These are expected for this utility and point to trustworthy sources associated with the tool.
- [COMMAND_EXECUTION] (LOW): The skill describes the execution of
gtandgitcommands. These are the primary purpose of the skill and are restricted to repository management tasks. Examples like$(whoami)are standard configuration patterns. - [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes repository metadata such as branch names and PR descriptions which could contain untrusted data. This is a common surface for version control skills and is mitigated by the agent's internal safety guardrails.
Audit Metadata