git-workflow

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides a comprehensive set of Git and GitHub CLI (gh) commands for branch management, merging, and PR handling. These are standard tools used according to best practices.- [EXTERNAL_DOWNLOADS]: Commands are included for interacting with remote repositories on GitHub (git pull, gh repo clone, gh release download). Interaction with these well-known services is expected for a Git-related skill.- [DATA_EXFILTRATION]: The skill manages data transfer to and from GitHub. No patterns were found indicating unauthorized exfiltration of sensitive local information (such as credentials or private keys) to untrusted third-party domains.- [SAFE]: The skill implements a robust "Git Security Protocol" which explicitly restricts destructive commands like git push --force and git reset --hard, requiring explicit user authorization. It also defines "Fail-Closed" merging policies to ensure code integrity.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 04:24 AM
Security Audit — agent-trust-hub — git-workflow