Skills
skills/gitagenthq/git-agent-cli/use-git-agent/Socket

use-git-agent

Warn

Audited by Socket on May 14, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS: The skill’s capabilities mostly fit its stated git-assistant purpose, but it relies on an external `git-agent` binary whose provenance is not fully verifiable from the provided evidence and that may receive provider API keys from local config. The main risk is supply-chain and credential forwarding to a non-fully-verified CLI, not clear malicious intent.

Confidence: 82%Severity: 80%
Audit Metadata
Analyzed At
May 14, 2026, 01:29 PM
Package URL
pkg:socket/skills-sh/GitAgentHQ%2Fgit-agent-cli%2Fuse-git-agent%2F@080c0a1f82ab3e8a263dc0db0b26e0ed94872091