sync
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW (COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill executes Git commands (git status, git fetch, git log, git rebase). These are standard for local repository management and are restricted to the context of the current Git project.
- [DATA_EXFILTRATION] (LOW): Network communication occurs via git fetch origin to retrieve remote updates. While standard for Git, it constitutes external communication with a remote server.
- [PROMPT_INJECTION] (LOW): Vulnerable to indirect prompt injection through commit history.
  1. Ingestion points: git log output.
  2. Boundary markers: Absent.
  3. Capability inventory: Local repository modification via git rebase and git add.
  4. Sanitization: Absent.

  The skill displays commit messages, which could contain malicious instructions designed to influence the agent context.
Audit Metadata