git-commit-flow

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements a phase-gated git commit workflow (VALIDATE, STAGE, COMMIT, VERIFY) designed to ensure repository health and security.
  • [SAFE]: Phase 1 includes a mandatory scan for sensitive files (e.g., .env, .pem, .key, credentials), blocking the workflow if any are detected to prevent accidental data exposure.
  • [SAFE]: The provided Python scripts (scripts/validate_state.py and scripts/validate_message.py) utilize the standard library and execute git commands securely via subprocess.run with list-based arguments, avoiding shell injection risks.
  • [SAFE]: The skill enforces 'CLAUDE.md' compliance to prevent tool-specific attribution noise, which is a common repository management best practice.
  • [SAFE]: Staging rules and commit message validation ensure atomic, reviewable commits and adhere to the Conventional Commits specification. No evidence of obfuscation, malicious persistence, or data exfiltration was found.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 1, 2026, 05:55 AM