graphite

Pass

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The skill restricts tool usage to specific version control commands. Although wildcards are used, they are confined to known binaries (gt, git, gh) essential for PR management.
  • [DATA_EXFILTRATION] (SAFE): No evidence of unauthorized access to sensitive files or exfiltration to unknown domains. Interaction with external services is limited to standard GitHub operations through the 'gh' CLI.
  • [PROMPT_INJECTION] (SAFE): No instructions targeting the bypass of safety guardrails or system prompt extraction were identified.
  • [INDIRECT_PROMPT_INJECTION] (SAFE): The skill processes local file content and git diffs to generate PR descriptions. While this is an ingestion surface, the skill is designed for this purpose and includes technical guidance (using --body-file and temporary files) to handle data correctly. [Ingestion points: git diff, file contents; Boundary markers: Absent; Capability inventory: GitHub PR management; Sanitization: Use of temporary files avoids common shell injection vulnerabilities].
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 19, 2026, 04:13 PM