resolving-merge-conflicts
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its requirement to process untrusted data from the git environment.
  - Ingestion points: The agent is instructed to read commit messages, PR descriptions, and issues/tickets (SKILL.md, Step 2).
  - Boundary markers: Absent; there are no delimiters or instructions provided to treat the external content as untrusted data.
  - Capability inventory: The agent is authorized to execute git commands and project-specific automated checks/tests (SKILL.md, Step 4).
  - Sanitization: Absent; the skill does not perform any validation or filtering of the content ingested from the external sources.
- [COMMAND_EXECUTION]: The skill directs the agent to execute shell commands to verify the resolution.
  - Evidence: Step 4 instructs the agent to "Discover the project's automated checks and run them — typically typecheck, then tests, then format" (SKILL.md).
Audit Metadata