skills/jacehwang/skills/commit/Gen Agent Trust Hub

commit

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements an explicit security guard that scans repository diffs and file lists for sensitive information, including API keys, secrets, and private keys. The agent is instructed to stop execution and alert the user if such data is detected, significantly reducing the risk of accidental credential exposure.
  • [SAFE]: When executing the git commit command, the skill uses a single-quoted HEREDOC (cat <<'EOF') to wrap the commit message. This practice ensures that the shell does not evaluate or execute any characters or command substitutions that might be generated within the commit message, effectively neutralizing command injection risks.
  • [SAFE]: The skill includes logic to properly quote file paths containing special characters when performing git add operations. This prevents the shell from misinterpreting path components as separate arguments or commands.
  • [SAFE]: Tool access is limited to a specific set of git subcommands and a user-interaction tool, adhering to the principle of least privilege and minimizing the attack surface.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 16, 2026, 01:27 PM
Security Audit — agent-trust-hub — commit