managing-commits
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes 'git' and 'gh' commands using Python's
subprocess.runwith list-based arguments, which is a secure method that prevents command injection vulnerabilities. \n- [DATA_EXPOSURE]: Caching of issue data and project environment metadata is performed locally in the.claude/directory. No evidence of unauthorized network transmission or sensitive credential access (e.g., SSH keys or .env files) was found in the scripts or documentation. \n- [PROMPT_INJECTION]: The skill analyzes external content such as commit history and issue bodies, creating a surface for indirect prompt injection. \n - Ingestion points:
scripts/issue-tracker.py(via GitHub CLI) andscripts/commit-analyzer.py(via git log). \n - Boundary markers: The instructional prompts do not explicitly define delimiters to isolate external text from agent instructions. \n
- Capability inventory: The skill enables local file writes and repository commit operations through interactive scripts. \n
- Sanitization: There is no explicit sanitization of data ingested from the repository history before it is processed by the agent. \n- [REMOTE_CODE_EXECUTION]: No remote code execution patterns, external script downloads (e.g., curl|bash), or unverified third-party dependencies were detected. The skill relies exclusively on standard Python libraries.
Audit Metadata