Skills
skills/howarewoo/woostack/woostack-commit/Gen Agent Trust Hub

woostack-commit

Warn

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: MEDIUMCOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes shell commands defined in the .woostack/config.json configuration file.
  • Evidence: In Step 3, the instruction reads the commit.pre_commit key and executes the resulting string in the user's shell.
  • [COMMAND_EXECUTION]: Executes a bash script from an external directory path.
  • Evidence: Steps 2 and 7 invoke bash <wi>/resolve-base.sh using a path determined by the <wi> placeholder.
  • [COMMAND_EXECUTION]: Uses command-line tools to perform git and pull request operations.
  • Evidence: The skill makes extensive use of git, gt (Graphite), and gh (GitHub CLI) to modify local and remote repository states.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 15, 2026, 04:07 PM
Security Audit — agent-trust-hub — woostack-commit