signal-commit

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill instructs the agent to operate with "zero prompts" and "zero confirmation by default," specifically telling it not to stop for acknowledgment or ask for review unless requested. This suppression of user oversight is a deliberate design choice for this "signal" skill but reduces security control over git operations.
  • [COMMAND_EXECUTION]: The skill relies on local scripts (scripts/commit.sh and scripts/commit.ps1) to execute git commands. The PowerShell execution uses the -ExecutionPolicy Bypass flag, which allows the script to run despite local security policies that might otherwise restrict script execution.
  • [PROMPT_INJECTION]: Surface for Indirect Prompt Injection (Category 8).
      • Ingestion points: The agent reads the output of git diff --staged && git diff to analyze code changes in SKILL.md.
      • Boundary markers: Absent. There are no explicit instructions or delimiters used to separate the diff content from the agent's instructions.
      • Capability inventory: The skill can stage all files (git add -A), commit them, and push to remote repositories (git push) via the scripts.
      • Sanitization: Absent. There is no evident sanitization of the diff content before it is processed by the agent to generate commit messages.
Audit Metadata
Risk Level: SAFE
Analyzed: May 5, 2026, 11:45 PM