smart-commit

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: Executes local git commands to manage repository state, including git status, git add, git commit, and git submodule operations. These are standard operations for a version control assistant.
  • [PROMPT_INJECTION]: Processes untrusted content from repository diffs to generate commit messages, which presents a surface for indirect prompt injection.
      • Ingestion points: Reads code changes via git diff and git status in SKILL.md.
      • Boundary markers: No explicit delimiters are used to separate repository content from the internal prompt instructions.
      • Capability inventory: Possesses the ability to write to the local file system (git add/commit) and communicate with remote servers (git push).
      • Sanitization: The skill does not explicitly describe sanitization of the repository metadata before it is processed by the model.
  • [DATA_EXFILTRATION]: Performs git push operations to synchronize the local repository with remote branches. While this involves sending data over the network, it is the primary intended function of the skill and targets the user-defined remote ('origin').
  • [SAFE]: Implements a robust security check phase (Step 3b) that explicitly searches for sensitive filenames (e.g., .env, credentials, *.key, *.pem) and merge conflict markers, warning the user or blocking the commit if risks are detected.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 19, 2026, 03:15 AM