post-commit
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes standard Git commands (log, describe, add, commit, tag, push) via the Bash tool to manage repository metadata. It employs secure coding practices, specifically using single-quoted HEREDOCs (cat <<'EOF') for commit messages, which prevents shell variable expansion or command injection from the contents of the messages.
- [DATA_EXFILTRATION]: The skill includes a command to push tags to the remote 'origin' repository. While this is a network-based operation that transmits repository metadata externally, it is the intended and necessary behavior for version management automation and targets the repository's configured remote host.
- [SAFE]: No evidence of malicious patterns such as obfuscation, credential harvesting, unauthorized persistence, or privilege escalation was found. The skill's functionality is consistent with the vendor's provided metadata.
- [PROMPT_INJECTION]: The skill has an ingestion surface for untrusted data as it reads commit messages from the git history. Although this presents a risk of indirect prompt injection, the risk is mitigated by the specific operational scope and safe shell execution patterns.
  - Ingestion points: Step 1 reads previous commit messages using git log.
  - Boundary markers: No explicit delimiters are used when writing the message into CHANGELOG.md.
  - Capability inventory: The skill can write to the filesystem and push to the origin remote.
  - Sanitization: Command-level injection is prevented through the use of HEREDOC syntax for all generated git commits.
Audit Metadata