graphite-commit

Pass

Audited by Gen Agent Trust Hub on Jul 1, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes Git, GitHub CLI (gh), and Graphite CLI (gt) to manage development workflows. These commands are restricted via the allowed-tools frontmatter and are used exclusively for repository management, commit generation, and PR lifecycle tasks.
  • [SAFE]: The skill includes explicit safety constraints, such as 'Never commit secrets such as .env, credentials, tokens, private keys' and 'Never force push to main, master, or trunk,' which demonstrate best practices for secure development operations.
  • [SAFE]: No evidence of prompt injection, obfuscation, or unauthorized data exfiltration was found. Network-related operations are limited to authenticated GitHub/Graphite interactions as required by the user's intent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 1, 2026, 12:01 AM
Security Audit — agent-trust-hub — graphite-commit