commit-workflow
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill contains only documentation and instructions. No scripts, binaries, or configuration files that execute code were found.
- [SAFE]: The workflow encourages best practices such as semantic commit formatting and using --force-with-lease for history updates.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection (Category 8) because it reads and processes external data from the repository (diffs, commit history).
- Ingestion points: Repository diffs, status, and commit logs in SKILL.md.
- Boundary markers: Absent.
- Capability inventory: Git command execution for staging, committing, and pushing.
- Sanitization: Not specified.
Audit Metadata