Skills
skills/stevengonsalvez/agents-in-a-box/merge-agent-work/Gen Agent Trust Hub

merge-agent-work

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes a bash script that performs git operations by calling a function from an internal utility script located at ../utils/git-worktree-utils.sh.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it accepts a user-provided parameter (the agent ID or timestamp) and passes it directly to a shell function.
  • Ingestion points: Untrusted data enters the agent context via the first command-line argument assigned to AGENT_ID in SKILL.md.
  • Boundary markers: No delimiters or instructions are present to prevent the agent from misinterpreting potential instructions in the input.
  • Capability inventory: The skill has the capability to execute shell commands and modify the git state of the repository via the merge_agent_work function in SKILL.md.
  • Sanitization: No escaping or validation is performed on the input in SKILL.md before it is passed to the shell function.
Audit Metadata
Risk Level
SAFE
Analyzed
May 5, 2026, 09:05 AM