committing-code
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes git commands to manage the repository state. It uses a restricted configuration that scopes the execution environment to specific git subcommands, which minimizes the risk of arbitrary command injection.
- [DATA_EXPOSURE]: Implements a security-first approach by explicitly excluding sensitive file patterns (e.g., .env, .pem, credentials, secret) from being staged or committed, reducing the risk of accidental credential leakage.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface typical of repository management tools. Ingestion points: Processes external data from git history and file differences via git log and git diff commands. Boundary markers: No specific delimiters are defined to separate user-controlled repository content from agent instructions. Capability inventory: Includes the ability to perform repository write operations such as git add and git commit. Sanitization: Relies on file name filtering to exclude sensitive paths but does not sanitize the contents of logs or diffs.
Audit Metadata