Git Repo

The git-repo skill bundle provides advanced Git management and SourceGit integration, but it includes high-risk instructions that bypass user confirmation for automated tasks. Specifically, clone.md contains instructions to retrieve GitHub tokens using 'gh auth token' and perform clones 'automatically without user confirmation,' while sourcegit.md directs the agent to directly modify the SourceGit 'preference.json' configuration file. While these capabilities (and the associated scripts like repo-to-ghq.sh and git-fix-worktree.sh) are aligned with the stated purpose of repository management, the combination of token access and automated execution without oversight presents a significant attack surface for prompt injection.