commitlint
Fail
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: HIGHCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill explicitly instructs the agent to suggest or use elevated privileges via 'sudo npm install -g' if standard installation fails, which is a high-risk privilege escalation pattern.
- [COMMAND_EXECUTION]: The validation workflow constructs shell commands by piping potentially untrusted data (commit messages, file contents, or git log output) directly into 'npx commitlint'. This pattern is vulnerable to command injection if the input contains shell metacharacters.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface.
- Ingestion points: Untrusted data enters the context through commit message strings, external files, or git logs as described in 'SKILL.md'.
- Boundary markers: None are present to delimit untrusted content from the shell commands.
- Capability inventory: The skill uses subprocess execution for 'npm', 'npx', 'echo', and 'cat'.
- Sanitization: There is no mention of escaping or validating the content before it is processed by the shell.
- [EXTERNAL_DOWNLOADS]: The skill automatically downloads and installs '@commitlint/cli' and '@commitlint/config-conventional' from the npm registry if they are missing.
Recommendations
- AI detected serious security threats
Audit Metadata