commit
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill mandates including the full text of all prompts used during preparation in the commit message. This instruction can be used to leak system prompts or internal developer instructions into the repository history.
- [DATA_EXFILTRATION]: Appending the entire prompt history to commit messages creates a risk of exposing sensitive data, such as credentials or private context, that might have been part of the session.
- [COMMAND_EXECUTION]: The skill requires the execution of Git and Jujutsu CLI tools (e.g., git diff, jj show) to inspect and modify the repository state.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. Ingestion points: git diff and jj show outputs (SKILL.md). Boundary markers: Absent. Capability inventory: git commit and jj split (SKILL.md). Sanitization: Absent.
Audit Metadata