skills/tonicmuroq/skills/repo-update/Gen Agent Trust Hub

repo-update

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/update_repos.py executes git commands via the Python subprocess module to manage repository state.
  • Evidence: The git() function invokes subprocess.run using a list of arguments: ["git", "-C", str(repo), *args].
  • Mitigation: The script avoids using shell=True, which reduces the risk of command injection. Furthermore, it implements sanitize_branch_component using a regular expression to clean branch names before using them in command-line arguments for backup branch creation.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 17, 2026, 02:53 AM