git-convention
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): The skill uses instructional language to define Git workflows and commit standards. There are no attempts to bypass safety filters, extract system prompts, or override core instructions.
- [Data Exposure & Exfiltration] (SAFE): No network operations (curl, wget, fetch) or hardcoded credentials are present. The skill actively promotes security by instructing users to ignore sensitive files like
.envand.vscode/via.gitignoreand manual verification (git status). - [Remote Code Execution] (SAFE): No remote scripts are downloaded or executed. All code blocks provided are standard Git CLI commands meant for local version control management.
- [Indirect Prompt Injection] (SAFE): The skill is purely instructional and does not provide automated scripts that parse external data. It reduces risk by requiring manual verification of changes before they are added to the version control system.
- [Obfuscation] (SAFE): All content is provided in clear-text Markdown and French. No encoded strings (Base64), zero-width characters, or homoglyphs were detected.
Audit Metadata