finishing-a-development-branch
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local commands to verify code quality using various test runners (npm, cargo, pytest, go) and performs Git management and GitHub PR creation.
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface where repository data influences execution.
  1. Ingestion points: Branch names and commit lists are retrieved from the local environment via 'git' commands in SKILL.md.
  2. Boundary markers: Absent; data is used directly in terminal output and command strings.
  3. Capability inventory: The agent has the capability to run local subprocesses, perform filesystem operations via 'cat' and PR body creation, and network operations via 'git push' and 'gh pr create'.
  4. Sanitization: Absent; the skill does not escape or validate branch names or commit history before using them in shell command interpolation.