git-commit
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [DYNAMIC_CONTEXT_INJECTION]: The SKILL.md file includes examples using the `!command` syntax, such as `!git status` and `!git diff HEAD`. This syntax allows shell commands to be executed automatically when the skill is loaded in certain environments to provide real-time repository context. These specific commands are standard git utilities and do not involve unauthorized data access or network exfiltration.
- [COMMAND_EXECUTION]: The skill is designed to perform filesystem operations by executing `git add` and `git commit` commands. This is the primary intended function of the skill and is documented clearly in the execution principles.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it processes untrusted data from the git workspace through commands like `git diff`. Instructions embedded within the code changes being analyzed could potentially influence the agent's summary or the generated commit message.
  - Ingestion points: Output from `git status` and `git diff HEAD` (SKILL.md).
  - Boundary markers: Absent. There are no explicit instructions for the agent to ignore instructions found within the data being committed.
  - Capability inventory: Local command execution via `git add` and `git commit` (SKILL.md).
  - Sanitization: Absent. The skill does not sanitize or escape the content of the diffs before processing.
Audit Metadata