git-workflow

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is designed to interact with Git repositories by reading metadata such as branch names, commit messages, and diffs, which represents an untrusted ingestion point that could be exploited to influence agent behavior.
  • Ingestion points: Commands like git branch, git log, and git diff (referenced in SKILL.md, checklists/pre-commit-checklist.md, and rules/recovery-reflog.md) ingest repository data into the agent's context.
  • Boundary markers: The skill does not provide specific delimiters or instructions to ignore embedded commands within Git metadata during processing.
  • Capability inventory: The skill enables the use of the Bash tool to execute potentially destructive commands like git reset --hard, git push --force-with-lease, and git checkout based on the ingested data.
  • Sanitization: There is no evidence of sanitization or validation of Git metadata before it is interpolated into shell commands.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 09:46 AM