conventional-commits
Pass
Audited by Gen Agent Trust Hub on Feb 13, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill is composed entirely of markdown instructions and JSON metadata. There are no shell scripts, Python files, or JavaScript files included in the package.
- [DATA_EXFILTRATION] (SAFE): No network operations or sensitive file access patterns were detected. The only URLs present are documentation links to conventionalcommits.org.
- [PROMPT_INJECTION] (SAFE): The instructions are focused on formatting standards and do not contain any attempt to bypass agent safety filters or override system instructions.
- [REMOTE_CODE_EXECUTION] (SAFE): No remote code patterns or dependency installations are present.
- [INDIRECT_PROMPT_INJECTION] (SAFE): (Category 8
- Tier: INFO) While the skill processes user-provided descriptions of code changes to format them, it lacks any executable capabilities (file-write, shell access, or network calls). It functions strictly as a text formatter/summarizer.
Audit Metadata