Skills
skills/juanca202/ai/git-commit/Gen Agent Trust Hub

git-commit

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes the output of git diff, which can contain arbitrary text from code comments or file content. If this content contains instructions designed to manipulate the agent, the agent might follow them while having access to the shell.
  • Ingestion points: The agent executes git diff --staged and git diff to analyze changes in the repository (SKILL.md).
  • Boundary markers: There are no explicit instructions or delimiters defined to treat the content of the diff as untrusted data or to ignore instructions embedded within it.
  • Capability inventory: The skill is granted access to the Bash tool (YAML frontmatter), which allows it to execute arbitrary shell commands, modify files, and interact with the environment.
  • Sanitization: The skill performs checks for hardcoded secrets and sensitive file paths but does not include any validation or sanitization to prevent the interpretation of prompt injection payloads within the diff data.
Audit Metadata
Risk Level
SAFE
Analyzed
May 14, 2026, 07:02 PM
Security Audit — agent-trust-hub — git-commit