Skills
skills/flora131/atomic/sl-commit/Gen Agent Trust Hub

sl-commit

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by ingesting untrusted data from local repository changes.\n
  • Ingestion points: The agent reads the output of the sl diff command to analyze code changes and generate commit messages (SKILL.md).\n
  • Boundary markers: The instructions do not define delimiters or specific 'ignore' directives to prevent the agent from following instructions embedded within the code being committed.\n
  • Capability inventory: The skill uses sl status, sl diff, sl add, and sl commit (SKILL.md).\n
  • Sanitization: There is no sanitization or validation of the diff content before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 5, 2026, 04:38 PM