git-pushing-fast-cn
Pass
Audited by Gen Agent Trust Hub on Jun 30, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute a series of Git commands locally, including
git status,git diff,git add,git commit, andgit push. These are intended to manage repository state and sync with remote servers as per standard development workflows. - [DATA_EXFILTRATION]: By design, the skill transmits local file changes to a remote Git server via
git push. While this is the primary functionality, it involves the transfer of local data to an external destination defined in the repository's configuration. - [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted local data by reading the output of
git diffto generate commit messages. - Ingestion points: Git diff output and repository status are read into the agent's context in Step 1.
- Boundary markers: No explicit delimiters or instructions are used to isolate the diff content from the agent's core logic.
- Capability inventory: The skill can execute shell commands for Git operations, which includes writing to the history and network communication.
- Sanitization: No explicit sanitization or filtering of the diff content is performed before it is used to generate the commit message.
Audit Metadata