skills/yusuke-suzuki/dotfiles/fixup/Gen Agent Trust Hub

fixup

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the git and gh (GitHub CLI) command-line interfaces to inspect the repository status and manipulate commit history. These operations are essential to the primary function of performing fixup commits and are consistent with professional development workflows.
  • [PROMPT_INJECTION]: The skill demonstrates a surface for indirect prompt injection by processing external data from the local repository environment.
      • Ingestion points: The skill reads commit history through git log, commit content via git show, and local guidelines from .claude/rules/commit-message.md.
      • Boundary markers: The instructions do not specify delimiters to isolate the ingested text from the agent's core instructions.
      • Capability inventory: The skill possesses the ability to modify the local file system (via git commits) and trigger other functional skills like /commit or /squash.
      • Sanitization: There is no evidence of sanitization or filtering applied to the commit data or rule files before they are processed by the agent. This represents a standard operational risk for tools that analyze developer-controlled content.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 31, 2026, 01:33 AM
Security Audit — agent-trust-hub — fixup