Skills
skills/xiaobei930/cc-best/git/Gen Agent Trust Hub

git

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted content from Git repositories, which introduces a surface for indirect prompt injection.
  • Ingestion points: The skill uses the Bash tool to execute git log, git status, and git diff, which bring commit messages, branch names, and file contents into the agent's context.
  • Boundary markers: There are no explicit instructions or delimiters used to separate user instructions from data read from the repository.
  • Capability inventory: The skill is granted Bash, Write, Edit, and Glob permissions, which could be misused if the agent obeys instructions embedded in commit messages or file diffs.
  • Sanitization: No sanitization or validation of the Git output is described before the data is processed by the LLM.
  • [COMMAND_EXECUTION]: The skill relies on the Bash tool to perform its core functionality, executing various Git and GitHub CLI (gh) commands. While expected for a Git skill, this provides a high level of capability to the agent.
  • [SAFE]: The skill provides documentation on defensive Git hooks and .gitignore templates aimed at preventing the submission of sensitive information like API keys and environment files.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 6, 2026, 06:01 AM