Skills
skills/mantinedev/mantine/merge-cascade/Gen Agent Trust Hub

merge-cascade

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a sequence of Git commands (git fetch, git reset --hard, git checkout, git merge, git push) and yarn install to automate branch synchronization and dependency reconciliation.
  • [EXTERNAL_DOWNLOADS]: The skill downloads project dependencies from the public Yarn registry and fetches updates from configured Git remotes such as GitHub or GitLab.
  • [PROMPT_INJECTION]: The skill ingests and analyzes untrusted data from conflicted files (code, changelogs, metadata) during the merge resolution phase.
  • Ingestion points: Reads file contents returned by git diff --name-only --diff-filter=U in SKILL.md.
  • Boundary markers: Absent; the agent is instructed to "understand the conflict" directly from the file content.
  • Capability inventory: The agent has access to full Git operations and package manager execution across all involved files.
  • Sanitization: None; the skill relies on the agent's internal interpretation of code changes to resolve conflicts.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 12:33 AM
Security Audit — agent-trust-hub — merge-cascade