skills/boshu2/agentops/push/Gen Agent Trust Hub

push

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious code or suspicious patterns were detected in the skill instructions or associated scripts. The skill follows development best practices by including filters for sensitive data.
  • [COMMAND_EXECUTION]: The skill executes local command-line tools including git, go, python, and shellcheck. These operations are limited to the user's local development environment and are necessary for the skill's stated purpose of project validation.
  • [DATA_EXFILTRATION]: While the skill interacts with remote repositories via git push, it implements logic to skip files matching patterns such as .env*, *credentials*, *secret*, *.key, and *.pem, effectively reducing the risk of accidental credential leakage.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it reads file diffs to generate commit messages. An attacker with write access to the repository could attempt to influence the agent's output by placing instructions in the code diff.
      • Ingestion points: Git diffs processed in Step 4 of SKILL.md.
      • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the prompt template.
      • Capability inventory: Shell command execution via git, python, and go binaries (SKILL.md).
      • Sanitization: No sanitization is performed on the code diffs before they are provided to the model for commit message generation.
Audit Metadata
Risk Level: SAFE
Analyzed: May 11, 2026, 11:09 PM