git-commit-creator

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The skill utilizes the Bash tool to execute standard Git commands (status, diff, index, add, checkout, commit, show) as defined in SKILL.md. These operations are restricted to the git binary and are appropriate for the skill's intended use.
  • [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface.
      (1) Ingestion points: Untrusted data from repository files enters the agent context via git diff and git status commands executed in SKILL.md.
      (2) Boundary markers: There are no explicit delimiters or 'ignore' instructions provided to the agent to distinguish between repository data and instructions.
      (3) Capability inventory: The skill has the ability to modify the repository and create branches using the Bash(git ...:*) tools listed in SKILL.md.
      (4) Sanitization: No sanitization or validation of the diff content is performed before the agent interprets it to generate commit messages and branch names.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:16 PM