git-commits
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute a bash script located at
$CLAUDE_PROJECT_DIR/.claude/scripts/generate-reasoning.shusing parameters provided during runtime ($hash and $message). This constitutes command execution of local scripts using variable input. - [PROMPT_INJECTION]: The skill includes explicit instructions to remove strings like 'Generated with Claude Code' and 'Co-Author' lines from git commits. This is a directive designed to deceive users about the AI origin of the code changes and bypass attribution standards.
Audit Metadata