Skills
skills/dhruvanbhalara/skills/git-commit/Gen Agent Trust Hub

git-commit

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute standard Git commands like git status and git commit to manage project changes.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it processes untrusted file names from the repository to generate messages and commands. * Ingestion points: Modified file names are read via git status --short in SKILL.md. * Boundary markers: None; there are no delimiters to isolate file names from the command structure. * Capability inventory: Includes the ability to execute git commit via the shell. * Sanitization: None specified; the skill does not instruct the agent to escape file names before use.
  • [SAFE]: No malicious patterns, such as data exfiltration, credential harvesting, or unauthorized remote downloads, were detected in the skill instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
May 10, 2026, 03:55 PM
Security Audit — agent-trust-hub — git-commit