commit-staged
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes dynamic context injection (`!`) to execute shell commands such as `git status`, `git diff`, and `uv run prek` during the skill load phase. These commands are used to prepare the AI model's context with real-time data from the repository, ensuring the generated commit messages are accurate and relevant to the staged changes.
- [PROMPT_INJECTION]: The skill includes an indirect prompt injection surface by processing external data from git diffs and user-provided notes.
  - Ingestion points: Data is ingested through `git diff --cached` and the `$ARGUMENTS` variable.
  - Boundary markers: User notes are encapsulated within `<user_notes>` XML-style tags to distinguish them from instructions.
  - Capability inventory: The skill has access to execute `git commit` and `uv run prek`.
  - Sanitization: No explicit sanitization of the input content is implemented, although the skill enforces a strict Conventional Commits output format which limits the impact of potential injections.
Audit Metadata