git-style-commit

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches commit emoji conventions from the official Gitmoji API at https://gitmoji.dev/api/gitmojis to maintain repository style consistency.
  • [COMMAND_EXECUTION]: The skill executes local git commands including git log, git diff, git add, and git commit to analyze and update the repository state.
  • [PROMPT_INJECTION]: An indirect prompt injection surface is present because the skill ingests untrusted data from the repository's history and diffs to generate commit messages and commands.
    • Ingestion points: Git commit history (git log) and pending file changes (git diff).
    • Boundary markers: No specific delimiters or 'ignore' instructions are used to separate ingested repository data from the agent's logic.
    • Capability inventory: Execution of shell commands (git add, git commit) is performed based on the content of the analyzed data.
    • Sanitization: No explicit sanitization or filtering of the ingested git data is performed prior to message generation.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 26, 2026, 04:38 PM