setup-gitignore
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches gitignore templates from the well-known gitignore.io service (hosted by Toptal). This is standard and expected behavior for repository maintenance.
- [COMMAND_EXECUTION]: The skill utilizes common development tools such as
git,fd, andrgto inspect the repository state andcpto create a backup of the existing.gitignorefile before modification. - [DATA_EXFILTRATION]: To retrieve relevant templates, the skill sends a comma-separated list of detected project technologies (e.g., 'node', 'typescript') to the gitignore.io API. This information is project metadata rather than sensitive personal or credential data.
- [PROMPT_INJECTION]: The skill processes local file names and git status output as input, which represents a potential surface for indirect prompt injection.
- Ingestion points: Repository file names (via
fd) and the output ofgit status(processed inSKILL.md). - Boundary markers: None explicitly used when presenting data to the agent, although the workflow requires user confirmation for empirical patterns.
- Capability inventory: Writing to the
.gitignorefile and executing shell commands. - Sanitization: The skill filters filenames against a hardcoded detection table in
references/LANGUAGE-DETECTION.mdbefore using them as API keys, and requires user confirmation for empirical patterns, which significantly reduces the injection surface.
Audit Metadata