skills/bntvllnt/agent-skills/git/Gen Agent Trust Hub

git

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from git logs, diffs, and GitHub PR comments.
    • Ingestion points: Untrusted data enters the agent context via git log, git diff, and gh pr view --comments in files such as references/worktree-summary.md, references/pr-review-workflow.md, and references/commit-workflow.md.
    • Boundary markers: The instructions lack explicit boundary markers or specific "ignore embedded instructions" warnings to the agent to prevent it from obeying commands found within the code or comments it analyzes.
    • Capability inventory: The skill has access to network-capable tools (git push, gh pr create) and state-changing file operations (git commit, git worktree add, git worktree remove) defined in the workflow references.
    • Sanitization: There is no explicit sanitization or escaping of the external content before it is interpolated into the agent's prompts or analysis reports.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 28, 2026, 12:52 PM