git-codebase-preflight
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses local shell commands including
git log,git shortlog,grep,sort, anduniqto analyze the repository's history. These commands are used transparently as part of the skill's documented purpose to provide repository insights. - [DATA_EXPOSURE]: The skill extracts metadata from the git history, such as contributor names and commit frequencies. This is standard repository information and is not exfiltrated to external services.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data in the form of git commit messages. While a malicious repository could contain commit messages designed to influence agent behavior, the instructions guide the agent to interpret and summarize the data rather than execute it. This is a common attack surface for any tool processing text, and the risk is considered low in this context.
- Ingestion points: Git commit history and messages are read into the agent context via
git log. - Boundary markers: None explicitly defined in the prompts to separate git output from instructions.
- Capability inventory: The skill can execute local git commands and write a report file to the local disk (
git-codebase-preflight-report.md). - Sanitization: No specific sanitization of commit message content is performed before interpretation.
Audit Metadata