git-ops

Pass

Audited by Gen Agent Trust Hub on Jun 25, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/git_safe_exec.sh executes git commands by interpolating a variable into a shell command without quoting (git $cmd). This creates a risk of command injection if the input contains shell metacharacters, which could occur if the agent processes a repository with maliciously crafted filenames or branch names.
  • [DATA_EXFILTRATION]: The skill's primary function includes pushing code to remote servers and interacting with the GitHub API to create Pull Requests. This involves sending local repository content and metadata to external services as part of the intended git workflow.
  • [EXTERNAL_DOWNLOADS]: The workflow instructions for the AI agent include automatic execution of project setup commands (e.g., npm install, pip install, cargo build) when creating new git worktrees. This results in the acquisition and execution of external packages from public registries based on the contents of the repository being worked on.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 25, 2026, 09:15 AM
Security Audit — agent-trust-hub — git-ops