commit
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute standard git commands (status, diff, add, commit) for managing the local repository.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted data from file diffs. * Ingestion points: 'git diff' and 'git status' output (SKILL.md). * Boundary markers: Absent; the skill does not use delimiters to wrap the diff output or include instructions to ignore embedded commands. * Capability inventory: The 'Bash' tool is available and can be used to execute commands (SKILL.md). * Sanitization: None; the skill reads and reviews the diff content without filtering or escaping potentially malicious instructions.
Audit Metadata