resolving-merge-conflicts
Pass
Audited by Gen Agent Trust Hub on Jul 4, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: This skill consists entirely of natural language instructions within a Markdown file and does not include any executable scripts, binaries, or configuration files.
- [SAFE]: The provided instructions guide the agent through a legitimate developer workflow for conflict resolution. It encourages best practices, such as understanding original intent and running automated project checks (tests, formatters) to ensure code integrity.
- [PROMPT_INJECTION]: The skill instructions involve reading pull requests, issues, and commit history, which are external data sources that could theoretically contain indirect prompt injection content. This represents a standard risk surface for developer tools interacting with user-supplied content.
- Ingestion points: Git commit messages, Pull Request descriptions, and issue trackers (referenced in step 2).
- Boundary markers: None mentioned in the skill instructions.
- Capability inventory: The skill assumes the ability to execute git commands and project-specific automated checks (tests, formatters).
- Sanitization: No explicit sanitization or filtering of the ingested text is mentioned.
Audit Metadata