skills/buiducnhat/co-drew/git-commit/Gen Agent Trust Hub

git-commit

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: Uses standard Git commands such as git diff, git status, git add, and git commit via the Bash tool. These are used for their intended purpose of version control management within a development environment.
  • [DATA_EXFILTRATION]: Explicitly instructs the agent to never commit secrets such as .env files, credentials.json, or private keys, reducing the risk of accidental sensitive data exposure.
  • [PROMPT_INJECTION]: The skill processes untrusted data in the form of git diff output which could theoretically contain indirect prompt injections meant to influence the generated commit message.
  • Ingestion points: Git diff output processed in SKILL.md.
  • Boundary markers: None present.
  • Capability inventory: git commit execution via Bash.
  • Sanitization: None present.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 11:23 AM
Security Audit — agent-trust-hub — git-commit