commit
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes git commands (git add, git commit, git push, git restore) to manage the repository state. These actions are within the expected scope of a git commit tool.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it reads and processes untrusted data (staged git diffs) to generate commit messages.
  - Ingestion points: The skill reads the output of git diff --cached in SKILL.md (Step 4).
  - Boundary markers: There are no explicit boundary markers or instructions to the model to ignore potential instructions embedded within the diff.
  - Capability inventory: The agent can modify the repository state via git commit and git push (Step 5, 6).
  - Sanitization: No sanitization of the diff content is performed before analysis.
Audit Metadata