git-ops
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill interacts with the local file system and repository using the Bash tool to execute standard Git commands such as status, add, and commit. This is an intended and documented behavior of the skill for repository management.
- [INDIRECT_PROMPT_INJECTION]: The skill analyzes git diffs (potentially containing untrusted content) to generate automated commit messages, which is a known attack surface for indirect prompt injection.
  - Ingestion points: The skill reads repository diffs and logs to analyze changes in references/git.md.
  - Boundary markers: The instructions do not specify explicit delimiters or isolation markers for the analyzed diff content.
  - Capability inventory: The skill uses Bash for git commands, Grep for log parsing, and Read for state analysis as described in references/git.md.
  - Sanitization: The skill includes a validation step to ensure operations are appropriate for the current Git context, though specific content sanitization for diffs is not detailed.
Audit Metadata