local-merge
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides defensive git workflow instructions focused on data integrity and state preservation. No malicious patterns, obfuscation, or unauthorized access attempts were detected.
- [COMMAND_EXECUTION]: The skill utilizes git CLI commands. It includes a security-critical instruction to 'Validate refs before constructing shell commands', which effectively mitigates potential command injection from user-provided branch names or commit messages.
- [DATA_EXFILTRATION]: Network operations are restricted to standard git functions (push, fetch, clone) interacting with the repository's configured remote. There is no evidence of unauthorized exfiltration of sensitive files or credentials.
- [SAFE]: The skill's ingestion of external data (git history and diffs) was assessed for indirect prompt injection risk. The surface is well-contained as the skill does not execute the content of the repository or allow it to influence privileged actions.
- Ingestion points: The skill reads
status,ahead and behind counts,incoming commit log, anddiff statin Phase 2 of SKILL.md. - Boundary markers: None explicitly defined for repo content.
- Capability inventory: Git push and worktree modification are documented in SKILL.md.
- Sanitization: Ref validation is required before any command execution.
Audit Metadata