gitworkflow
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
gitandgh(GitHub CLI) command-line tools to manage repository operations, including branching, committing, pushing, and pull request management. - [COMMAND_EXECUTION]: The skill executes a local binary
changeloglocated at~/.local/bin/changelog. This tool is documented as a mandatory dependency for repository awareness and automated release notes generation. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) as it processes untrusted data from GitHub issue titles, descriptions, and pull request metadata to automate labeling and routing decisions.
- Ingestion points: Untrusted data enters the agent context via
gh issue list,gh issue view, andgh pr viewinworkflows/IssueAnalysis.mdandworkflows/CIMerge.md. - Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are used when interpolating issue or PR content.
- Capability inventory: The skill has significant capabilities including
git commit,git push,gh pr merge, andgh issue editacross multiple workflow scripts. - Sanitization: No evidence of text sanitization or validation of external content was found prior to processing.
- [SAFE]: The skill implements security best practices by checking for sensitive files (e.g.,
.env) in the staging area and verifying large file sizes before allowing commits.
Audit Metadata