Skills
skills/ahgraber/skills/commit-message/Gen Agent Trust Hub

commit-message

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUMPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION] (MEDIUM): Vulnerability to indirect prompt injection through staged repository content.
  • Ingestion points: SKILL.md workflow step 2 ingests data via get_changed_files or git diff --cached.
  • Boundary markers: Absent; the agent is directed to analyze the diff content directly without delimiters or instruction isolation.
  • Capability inventory: Executes local subprocesses git rev-parse and git diff (SKILL.md); no network or file-write capabilities identified.
  • Sanitization: Absent; the skill processes raw diff output.
  • [COMMAND_EXECUTION] (LOW): The skill executes standard Git commands for local repository introspection.
  • Evidence: git rev-parse --show-toplevel and git diff --cached are used in SKILL.md to resolve context and retrieve data.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 16, 2026, 12:46 PM