git-collaboration-workflow
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
PROMPT_INJECTION, NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it instructs the agent to process untrusted external data such as git commit messages, diffs, and pull request descriptions.
  - Ingestion points: Project context, working tree changes, and pull request documentation (as defined in SKILL.md and references/review-and-release.md).
  - Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore embedded instructions in the processed git data.
  - Capability inventory: The skill is intended for platforms like claude-code and codex, which possess extensive shell and file system capabilities.
  - Sanitization: No sanitization or validation of the ingested git content is specified in the workflow.
- [NO_CODE]: The skill consists exclusively of instructional Markdown files. It does not include any scripts, executables, or automated configuration files.
Audit Metadata