Skills
skills/fandhe-ai/agent-reference-skills/create-commit/Gen Agent Trust Hub

create-commit

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local git commands including 'git status', 'git diff', and 'git commit' to manage the repository state as part of its primary functionality.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it analyzes untrusted data from the codebase.
  • Ingestion points: The output of 'git diff --staged' is used to generate commit messages (SKILL.md).
  • Boundary markers: Absent. The skill does not use specific delimiters to separate code content from instructions.
  • Capability inventory: The skill can execute shell commands via 'git commit' (SKILL.md).
  • Sanitization: The skill employs quoted heredocs ('EOF') to prevent shell injection and includes instructions to abort if sensitive files are detected.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 20, 2026, 12:06 PM
Security Audit — agent-trust-hub — create-commit