skills/borkweb/skills/writing-commits/Gen Agent Trust Hub

writing-commits

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill uses standard local tools including git diff, git log, git status, and Bash to inspect the repository's state. These tools are used as intended for analysis and commit generation within the local environment.
  • [SAFE]: No malicious patterns such as obfuscation, credential harvesting, unauthorized network access, or persistence mechanisms were detected. The skill's behavior is consistent with its stated purpose.
  • [SAFE]: The skill possesses an indirect prompt injection surface because it ingests untrusted data from code diffs and file contents (via Read and Grep). Ingestion points include command outputs from git diff and file reads across the workspace. While explicit boundary markers and sanitization steps are absent in the instructions, the skill minimizes risk by focusing on descriptive text generation rather than autonomous code execution based on the diff content, and the agent is instructed to present the output for user confirmation.
Audit Metadata
Risk Level: SAFE
Analyzed: May 19, 2026, 08:15 AM