setup-gitignore

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches gitignore templates from the well-known gitignore.io service (hosted by Toptal). This is standard and expected behavior for repository maintenance.
  • [COMMAND_EXECUTION]: The skill utilizes common development tools such as git, fd, and rg to inspect the repository state and cp to create a backup of the existing .gitignore file before modification.
  • [DATA_EXFILTRATION]: To retrieve relevant templates, the skill sends a comma-separated list of detected project technologies (e.g., 'node', 'typescript') to the gitignore.io API. This information is project metadata rather than sensitive personal or credential data.
  • [PROMPT_INJECTION]: The skill processes local file names and git status output as input, which represents a potential surface for indirect prompt injection.
  • Ingestion points: Repository file names (via fd) and the output of git status (processed in SKILL.md).
  • Boundary markers: None explicitly used when presenting data to the agent, although the workflow requires user confirmation for empirical patterns.
  • Capability inventory: Writing to the .gitignore file and executing shell commands.
  • Sanitization: The skill filters filenames against a hardcoded detection table in references/LANGUAGE-DETECTION.md before using them as API keys, and requires user confirmation for empirical patterns, which significantly reduces the injection surface.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 04:50 AM
Security Audit — agent-trust-hub — setup-gitignore