git-master
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted user input via arguments and passes them directly to a sub-agent prompt.
- Ingestion points: User input provided through the
{{ARGUMENTS}}variable inSKILL.md. - Boundary markers: None identified; the user input is interpolated directly without delimiters or safety instructions to ignore embedded commands.
- Capability inventory: The spawned sub-agent (
oh-my-codex:git-master) is authorized for git operations, implying capabilities for file system modification and repository history management. - Sanitization: There is no evidence of input validation, sanitization, or escaping before the data is processed by the sub-agent.
Audit Metadata