git-helpers
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted data from code diffs, status reports, and commit histories, which could contain malicious directives (Ingestion points: references/code-review.md, references/commit.md, references/summary.md).
  - Boundary markers: The skill implements a 'Data Trust Boundary' protocol in references/code-review.md and references/commit.md, explicitly instructing the agent to discard any directives or prompts found within diff content.
  - Capability inventory: The skill can execute shell commands via git and gh, write to local files (PR_SUMMARY.md), and execute local project test suites (references/finish-branch.md).
  - Sanitization: Sanitization relies on explicit behavioral instructions to treat VCS output strictly as data for analysis and never as executable instructions.
- [COMMAND_EXECUTION]: The skill frequently interacts with the local environment using git and the GitHub CLI (gh). It also includes a workflow to execute the project's own test suite (references/finish-branch.md), which is a standard developer tool capability.