git-workflow
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a collection of best practices and helper scripts for standard Git and GitHub workflow management. No malicious intent or suspicious patterns were found.
- [COMMAND_EXECUTION]: Shell commands and scripts are strictly focused on
gitandgh(GitHub CLI) operations, such as managing worktrees, reviewing pull requests, and creating releases. These operations are appropriate for the skill's stated purpose. - [REMOTE_CODE_EXECUTION]: The skill references well-known development tools and frameworks, including Husky, CaptainHook, Lefthook, and various GitHub Actions. These are standard industry tools for managing hooks and CI/CD pipelines.
- [DATA_EXFILTRATION]: No data exfiltration patterns were detected. The skill encourages security hygiene, such as verifying that
.envfiles are ignored and ensuring that commits are GPG/SSH signed. - [PROMPT_INJECTION]: No evidence of prompt injection or instructions designed to bypass agent safety filters was found.
Audit Metadata