git-workflow

Pass

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill is designed to analyze and act upon repository data (diffs, logs, and files) which may contain untrusted content from external contributors.
    • Ingestion points: Data enters the agent's context through tools like git diff, git log, and git show (via the Bash tool), as well as the Read and Grep tools.
    • Boundary markers: There are no explicit instructions or delimiters used when processing Git output to prevent the agent from following instructions embedded within commit messages or code changes.
    • Capability inventory: The skill allows the use of the Bash tool, which provides a high-privilege surface for executing commands based on interpreted data.
    • Sanitization: The skill does not implement sanitization or filtering for the Git data it processes, relying on the underlying agent's own safety filters.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 20, 2026, 10:08 PM