gitworkflow

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the git and gh (GitHub CLI) command-line tools to manage repository operations, including branching, committing, pushing, and pull request management.
  • [COMMAND_EXECUTION]: The skill executes a local binary changelog located at ~/.local/bin/changelog. This tool is documented as a mandatory dependency for repository awareness and automated release notes generation.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) as it processes untrusted data from GitHub issue titles, descriptions, and pull request metadata to automate labeling and routing decisions.
  • Ingestion points: Untrusted data enters the agent context via gh issue list, gh issue view, and gh pr view in workflows/IssueAnalysis.md and workflows/CIMerge.md.
  • Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are used when interpolating issue or PR content.
  • Capability inventory: The skill has significant capabilities including git commit, git push, gh pr merge, and gh issue edit across multiple workflow scripts.
  • Sanitization: No evidence of text sanitization or validation of external content was found prior to processing.
  • [SAFE]: The skill implements security best practices by checking for sensitive files (e.g., .env) in the staging area and verifying large file sizes before allowing commits.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 08:47 PM