Skills
skills/notque/claude-code-toolkit/branch-naming/Gen Agent Trust Hub

branch-naming

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool and Python's subprocess.run() in scripts/validate.py to interact with Git (e.g., git branch --list and git ls-remote). These operations are used for legitimate validation tasks and are implemented safely using argument lists. The inputs provided to these commands are strictly sanitized and validated against a character whitelist (alphanumeric and hyphens) before execution, preventing command injection.
  • [EXTERNAL_DOWNLOADS]: The skill performs a network operation via git ls-remote to check the origin remote for existing branches. This is a standard Git workflow operation consistent with the skill's primary purpose and does not involve downloading or executing arbitrary code from untrusted sources.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 1, 2026, 05:54 AM