fixup
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes standard git CLI commands like status, fetch, log, add, commit, rebase, and show to manage the local repository. These actions are within the intended scope of the skill's purpose.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes data from the repository's history and current state.
  1. Ingestion points: The agent reads untrusted data from git log, git show, and git status outputs.
  2. Boundary markers: No delimiters or instructions are provided to the agent to ignore instructions embedded within the git data.
  3. Capability inventory: The skill has the ability to execute git commands and modify commits via git commit and git rebase.
  4. Sanitization: No validation or filtering is applied to the repository data before it is presented to the agent.