finishing-a-development-branch
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows secure development practices by requiring successful test execution before allowing any destructive or integration actions (merge/push).
- [SAFE]: Command execution is limited to standard development tools (git, gh, npm, cargo, pytest, go) for their intended purposes within a repository context.
- [SAFE]: The skill uses safe shell practices, such as the use of quoted heredocs (EOF) when constructing Pull Request bodies, which prevents command injection from potentially untrusted content like commit messages.
- [SAFE]: Destructive operations, such as discarding work (Option 4), require explicit user confirmation via a specific string ('discard'), preventing accidental data loss.
- [SAFE]: No obfuscation, data exfiltration patterns, or unauthorized credential access were detected.
Audit Metadata