commit-msg

Pass

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill facilitates the execution of local shell commands including git status, git diff, git add, and git commit to manage repository changes. These commands are integral to the skill's stated purpose of assisting with git workflows.
  • [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection as it ingests untrusted data from the codebase through git diff operations.
      • Ingestion points: The agent is instructed to run git diff --staged and git diff in SKILL.md to analyze changes for commit message generation.
      • Boundary markers: There are no explicit boundary markers or instructions to treat the output of the diff commands as untrusted content.
      • Capability inventory: The skill possesses the capability to modify the repository state via git add and git commit based on its analysis of the ingested data.
      • Sanitization: No sanitization or validation logic is defined to prevent the agent from being influenced by instructions embedded within the source code changes being reviewed.
Audit Metadata
Risk Level: SAFE
Analyzed: May 3, 2026, 04:32 AM