skillsman-branch
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill defines a strict branching model and naming conventions (lowercase English, digits, and hyphens), which serves as a safeguard against command injection and prevents the creation of misleading or incompatible branch names.
- [SAFE]: It incorporates mandatory preflight checks, such as verifying the repository state and fetching from the remote, ensuring the agent operates on the most current and valid data before executing changes.
- [SAFE]: Governance rules are explicitly defined to protect critical branches (e.g., prohibiting direct pushes to 'main' or 'develop'), enforcing best practices like the use of pull requests for code integration.
- [SAFE]: The skill includes instructions to sanitize and translate user-provided descriptions into English kebab-case slugs, which reduces the attack surface for indirect prompt injection by ensuring user input is transformed into a controlled format before use in shell commands.
- [SAFE]: No malicious patterns, such as obfuscation, credential exfiltration, or unauthorized remote code execution, were detected in the instructions or configuration files.