Skills
skills/freeacger/loom/finishing-a-development-branch/Gen Agent Trust Hub

finishing-a-development-branch

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill guides the agent to execute standard development commands such as npm test, cargo test, pytest, and various git commands (checkout, pull, merge, branch, push, worktree) to manage the development lifecycle.
  • [EXTERNAL_DOWNLOADS]: The skill interacts with remote repositories through git push and gh pr create, which are standard operations for synchronizing code with platforms like GitHub.
  • [PROMPT_INJECTION]: The skill identifies a potential surface for indirect prompt injection as it processes data from external command outputs.
  • Ingestion points: Command outputs from npm test, cargo test, pytest, go test, git merge-base, and git worktree list are read into the agent's context.
  • Boundary markers: No specific delimiters or instructions are used to separate command outputs from the agent's instructions.
  • Capability inventory: The skill allows the execution of git, gh, and language-specific test runners.
  • Sanitization: No filtering or validation is performed on command results before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 2, 2026, 04:27 PM