skills/swaroopsm/skills/git-commit/Gen Agent Trust Hub

git-commit

Pass

Audited by Gen Agent Trust Hub on Jul 9, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill facilitates standard git workflows by assisting with the formatting of commit messages based on repository metadata and staged diffs.
  • [COMMAND_EXECUTION]: The skill uses git commands (branch, log, diff, status) to gather context about the project's current state. The final action involves executing git commit with arguments constructed from user-approved text. These operations are well-scoped to the skill's intended purpose.
  • [PROMPT_INJECTION]: The skill reads data from git diff, which could potentially contain adversarial content designed to influence the agent (indirect prompt injection). However, the skill explicitly requires the agent to present commit message options to the user and wait for a manual selection or confirmation before executing the commit, providing a robust human-in-the-loop defense.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 9, 2026, 11:31 AM
Security Audit — agent-trust-hub — git-commit