resolve-merge-conflicts

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script extract_conflict_context.py executes local Git commands such as ls-files, rev-parse, and show using the subprocess module. All calls utilize argument lists, which prevents shell injection vulnerabilities.
  • [DATA_EXFILTRATION]: The skill reads and displays the content of conflicted files and Git index stages to the agent. This access is limited to the local Git repository and is necessary for the intended functionality of conflict resolution.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests content from files within the repository.
      • Ingestion points: Conflict hunks and file data are read from the local worktree and Git stages in scripts/extract_conflict_context.py.
      • Boundary markers: The script provides structural delimiters like ours, theirs, and context to separate data, though it does not explicitly instruct the agent to ignore instructions found within that data.
      • Capability inventory: The SKILL.md instructions allow the agent to resolve conflicts through direct file edits or git checkout commands.
      • Sanitization: No sanitization or filtering is performed on the extracted file content.
Audit Metadata
Risk Level: SAFE
Analyzed: May 11, 2026, 04:52 PM