git-workflow

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is a collection of best practices and helper scripts for standard Git and GitHub workflow management. No malicious intent or suspicious patterns were found.
  • [COMMAND_EXECUTION]: Shell commands and scripts are strictly focused on git and gh (GitHub CLI) operations, such as managing worktrees, reviewing pull requests, and creating releases. These operations are appropriate for the skill's stated purpose.
  • [REMOTE_CODE_EXECUTION]: The skill references well-known development tools and frameworks, including Husky, CaptainHook, Lefthook, and various GitHub Actions. These are standard industry tools for managing hooks and CI/CD pipelines.
  • [DATA_EXFILTRATION]: No data exfiltration patterns were detected. The skill encourages security hygiene, such as verifying that .env files are ignored and ensuring that commits are GPG/SSH signed.
  • [PROMPT_INJECTION]: No evidence of prompt injection or instructions designed to bypass agent safety filters was found.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 06:22 PM
Security Audit — agent-trust-hub — git-workflow