git-pushing-fast-cn

Pass

Audited by Gen Agent Trust Hub on Jun 30, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute a series of Git commands locally, including git status, git diff, git add, git commit, and git push. These are intended to manage repository state and sync with remote servers as per standard development workflows.
  • [DATA_EXFILTRATION]: By design, the skill transmits local file changes to a remote Git server via git push. While this is the primary functionality, it involves the transfer of local data to an external destination defined in the repository's configuration.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted local data by reading the output of git diff to generate commit messages.
  • Ingestion points: Git diff output and repository status are read into the agent's context in Step 1.
  • Boundary markers: No explicit delimiters or instructions are used to isolate the diff content from the agent's core logic.
  • Capability inventory: The skill can execute shell commands for Git operations, which includes writing to the history and network communication.
  • Sanitization: No explicit sanitization or filtering of the diff content is performed before it is used to generate the commit message.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 30, 2026, 03:17 PM
Security Audit — agent-trust-hub — git-pushing-fast-cn