Skills
skills/gsmlg-dev/code-agent/cmd-git-commit/Gen Agent Trust Hub

cmd-git-commit

Warn

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill contains an explicit instruction to 'Run autonomously without approval'. This is a safety bypass pattern that attempts to remove human-in-the-loop oversight for commands that modify the file system, increasing the risk of unauthorized or harmful persistent changes.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface. Ingestion points: Untrusted data is ingested via the {{INPUT}} placeholder and by analyzing staged/unstaged changes in the repository (SKILL.md). Boundary markers: There are no delimiters or instructions to treat external data as non-executable content. Capability inventory: The agent is authorized to use git add and git commit to modify the repository (SKILL.md). Sanitization: No sanitization or validation is applied to the analyzed file content or input data.
  • [COMMAND_EXECUTION]: The skill utilizes shell commands (git add, git commit) to modify the local environment. When combined with the autonomous execution instruction, this creates a significant risk that a malicious payload in a file change or user input could trick the agent into committing harmful code or sensitive data without user verification.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 27, 2026, 07:41 AM
Security Audit — agent-trust-hub — cmd-git-commit