commit
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes a local shell script (`scripts/validate-commit.sh`) to perform validation on user-provided commit messages. This script operates on untrusted input passed via command line arguments.
- [PROMPT_INJECTION]: The validation script is susceptible to a JSON injection vulnerability because it directly interpolates the `$HEADER` variable into a JSON string using `echo` without escaping double quotes or other control characters. A carefully crafted commit message could break the JSON structure, potentially influencing how the AI agent interprets the validation result.
- Ingestion points: User-provided commit messages processed by the `validate-commit.sh` script (referenced in `SKILL.md`).
- Boundary markers: None present; user input is passed directly to the shell script as a string argument.
- Capability inventory: Execution of bash scripts and subsequent parsing of JSON output by the agent.
- Sanitization: Absent; the script fails to sanitize or escape special characters in the input before generating output.
Audit Metadata