git
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes standard local
gitcommands includingstatus,diff,log,commit,push,pull,branch,merge, andstash. These operations are appropriate for a version control tool and follow best practices, such as requiring confirmation for destructive actions.\n- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection as it processes untrusted data from the repository (viagit diff) to generate commit messages.\n - Ingestion points: Untrusted data from the local repository is ingested via
git diff,git diff --cached, andgit log(SKILL.md).\n - Boundary markers: The skill lacks explicit boundary markers to separate the diff content from agent instructions, though it uses HEREDOC for the final command execution.\n
- Capability inventory: The skill can perform file staging, committing, and remote push/pull operations.\n
- Sanitization: No specific sanitization or filtering of the diff output is performed prior to context injection.
Audit Metadata