Git Commit

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXPOSURE]: The skill reads local repository information including git status, git diff, and git log. It also fetches Jira ticket details (titles, descriptions, comments) through the Zapier MCP tool. This data is used solely to generate the commit message and is not sent to unauthorized external domains.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from external sources (Jira ticket content) and local code (git diffs). An attacker with access to the Jira project or the codebase could theoretically embed instructions in ticket comments or code comments. However, the risk is minimal because the skill mandates a 'Human-in-the-Loop' workflow via the AskUserQuestion tool, and the final execution of git commit or git push requires explicit user approval.
  • [COMMAND_EXECUTION]: The skill uses a restricted set of git commands (status, diff, add, branch, log) via the Bash tool. While the instructions suggest executing git commit and git push, these are intentionally omitted from the allowed-tools configuration in the frontmatter, ensuring they cannot be executed without the platform's standard permission flow or explicit user intervention.
  • [SAFE_PRACTICES]: The skill follows security best practices by avoiding git add . or git add -A, opting instead to commit only staged and understood files. It also utilizes heredocs for multi-line commit messages to prevent command injection or formatting issues in the shell.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 12:21 PM
Security Audit — agent-trust-hub — Git Commit