commit

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local git commands (git diff, git log, and git commit) to automate the repository management workflow.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted content from staged file diffs to generate commit messages.
      • Ingestion points: Data enters the agent context via the output of git diff --cached (SKILL.md).
      • Boundary markers: No specific delimiters or boundary instructions are used to isolate the diff content from the agent's instructions.
      • Capability inventory: The skill has the capability to perform write operations on the filesystem via git commit (SKILL.md).
      • Sanitization: While the skill includes instructions to abort if secrets are detected, it lacks mechanisms to sanitize or ignore instructions that may be embedded within code comments in the ingested diff.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 30, 2026, 02:53 PM