finishing-a-development-branch
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill executes standard local development commands (npm, cargo, pytest, go) and git operations as part of its core functionality. No high-risk commands or unauthorized privilege escalations were detected.
- DATA_EXFILTRATION (SAFE): Network activity is restricted to standard version control operations (git push and gh pr create) targeting the user's own repositories. No access to sensitive files or exfiltration attempts were found.
- PROMPT_INJECTION (SAFE): The skill defines a rigid, step-by-step process that limits the agent's exposure to malicious instructions embedded in branch names or commit messages. The use of quoted heredocs for pull request creation further mitigates injection risks.
Audit Metadata