git-submodule

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides structured guidance and command templates for Git submodule management. All commands provided (git submodule add, update, init, etc.) are standard Git operations intended for the stated purpose.
  • [SAFE]: References to external documentation point to well-known and trusted sources, including official Git documentation, Atlassian tutorials, and GitHub documentation.
  • [SAFE]: Mentions of CI/CD configurations, such as GitHub Actions YAML snippets with ${{ secrets.DEPLOY_KEY }}, are provided as standard documentation examples for secure credential management in automation and do not constitute credential exposure or theft.
  • [SAFE]: The skill uses a structured 'intake' step to normalize user requests into a YAML format, which helps the agent reason about the user's intent before executing commands, serving as a defensive layer against accidental misconfiguration.
  • [SAFE]: No obfuscation, remote code execution patterns, or unauthorized data exfiltration mechanisms were detected. The use of system tools (Bash, Read, Write, Edit, Glob, Grep) is appropriate for a version control management skill.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 07:06 AM
Security Audit — agent-trust-hub — git-submodule