Skills
skills/athola/claude-night-market/git-platform/Gen Agent Trust Hub

git-platform

Pass

Audited by Gen Agent Trust Hub on May 28, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides command mappings for gh, glab, git, and curl to manage repository tasks like issue tracking and pull request reviews. These commands use standard development tools for their intended purpose.
  • [DATA_EXFILTRATION]: The skill facilitates the retrieval of metadata and content from Git forges (GitHub, GitLab, Bitbucket). This data ingestion targets official APIs and is used for project management within the agent's context.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface as it processes untrusted content from issues, pull requests, and discussion threads.
  • Ingestion points: Data enters the session context via forge API calls and CLI commands (gh issue view, glab mr view, etc.) documented in SKILL.md and modules/command-mapping.md.
  • Boundary markers: The instructions do not specify the use of delimiters or 'ignore' instructions when the agent reads external content.
  • Capability inventory: The skill utilizes subprocess execution for git, gh, glab, and curl across its modules.
  • Sanitization: There are no explicit instructions for the agent to sanitize or validate the content retrieved from the git platforms.
Audit Metadata
Risk Level
SAFE
Analyzed
May 28, 2026, 05:50 AM
Security Audit — agent-trust-hub — git-platform