caveman-commit
Pass
Audited by Gen Agent Trust Hub on Jun 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The primary function of the skill is to provide text generation for git commit messages. It explicitly states in its boundaries that it does not execute git commands, stage files, or modify the repository state directly, ensuring human-in-the-loop operation.
- [SAFE]: The skill implements an 'Output Report' feature that maintains a history of its activity by writing files to a specific local directory (
llmwiki). This is a transparent documentation practice for project tracking and does not involve network exfiltration or access to sensitive user data. - [SAFE]: The skill processes project diffs to generate its reports. While this technically introduces an indirect prompt injection surface, the risk is negligible as the skill lacks dangerous capabilities such as network access or arbitrary command execution, and uses structured templates for its file-writing tasks.
- Ingestion points: Processes git diffs and user input summaries to generate commit messages and reports (SKILL.md).
- Boundary markers: No explicit safety delimiters are used for the input data.
- Capability inventory: File system write access restricted to the project's documentation directory (
llmwiki/). - Sanitization: The skill instructions provide strict formatting rules (e.g., kebab-case for filenames), which limits the potential for path traversal or malicious naming.
Audit Metadata