Skills
skills/gitbutlerapp/gitbutler/but/Gen Agent Trust Hub

but

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFECOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill's primary function is to orchestrate the GitButler CLI (but) for workspace-based version control. It establishes strict rules for the agent to use but instead of git for all state-changing operations, such as commits, branching, and pushing.
  • [REMOTE_CODE_EXECUTION]: The documentation references an installation script (curl -sSL https://gitbutler.com/install.sh | sh). This is a common pattern for CLI tool installation. Since the URL points to the vendor's official domain (gitbutler.com), it is a legitimate dependency for the skill's operation and is consistent with the author's identity.
  • [PROMPT_INJECTION]: The skill uses strong instructional language to override default agent behaviors (e.g., 'Never run git add'). This 'injection' is functional and necessary to steer the assistant toward the GitButler workflow, rather than an attempt to bypass safety or ethical constraints.
  • [SAFE]: No obfuscation, data exfiltration, or malicious persistence mechanisms were detected. The skill's code and documentation are transparent and align with the stated purpose of providing a developer tool interface.
Audit Metadata
Risk Level
SAFE
Analyzed
May 14, 2026, 10:50 AM