ai-git-workflow
Pass
Audited by Gen Agent Trust Hub on Jun 24, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it processes untrusted content from Git command outputs. (1) Ingestion points: git diff --cached and git log outputs (SKILL.md). (2) Boundary markers: Not explicitly defined in instructions. (3) Capability inventory: Standard Git read operations. (4) Sanitization: Relies on user confirmation before finalization. The risk is considered minimal given the human-in-the-loop requirement.
- [COMMAND_EXECUTION]: Employs standard local Git commands (git diff, git log) to retrieve necessary metadata for its stated purpose.
- [SAFE]: No evidence of network exfiltration, hardcoded credentials, obfuscated code, or unauthorized privilege escalation was found in the analyzed file.
Audit Metadata