writing-git-commits
Pass
Audited by Gen Agent Trust Hub on Jul 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to run
git statusandgit diffto analyze the repository state. These are legitimate, read-only operations for drafting commit messages. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it analyzes untrusted git diff data. 1. Ingestion points: Untrusted data enters the context via
git statusandgit diffoutputs as defined in the workflow. 2. Boundary markers: No delimiters are specified to isolate the untrusted diff content from the agent instructions. 3. Capability inventory: The skill actions are limited to drafting and validating commit messages; it lacks network access, sensitive file access, or file system write capabilities. 4. Sanitization: No sanitization or validation is performed on the ingested git data.
Audit Metadata