commitlint

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill describes an integration pattern (Validation Loop) where untrusted data (commit messages) is processed by the agent and fed back into its context.
      • Ingestion points: The message input in the validate_message (JavaScript) and validate_with_commitlint (Python) code snippets in SKILL.md.
      • Boundary markers: Absent. The provided snippets interpolate the raw commit message directly into the validation logic without delimiters or instructions to ignore embedded commands.
      • Capability inventory: The skill utilizes subprocess.run to execute shell commands (npx commitlint) and programmatic API calls via @commitlint/lint in SKILL.md.
      • Sanitization: Absent. The logic does not perform escaping or validation of the commit message content before processing it in the agent's feedback loop.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 08:40 AM