smart-commit
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a hardcoded set of local Git commands to automate the staging and committing process. These commands are limited to `git add`, `git diff`, `git branch`, `git log`, and `git commit` within the current repository context.
- [PROMPT_INJECTION]: The skill processes untrusted input from the Git environment, which presents a surface for indirect prompt injection.
  - Ingestion points: The skill reads data from the staged diff (`git diff --cached`), the recent commit history (`git log`), and any provided optional arguments.
  - Boundary markers: There are no explicit delimiters or boundary markers used to separate the content being analyzed (such as code comments or diff text) from the agent's internal instructions.
  - Capability inventory: The agent's capabilities are strictly constrained to the six allowed Git commands defined in the skill instructions. It cannot perform network operations or execute arbitrary shell scripts.
  - Sanitization: No specific sanitization or filtering is applied to the Git diff or log data before it is processed by the model to generate the commit message.
Audit Metadata