commit
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted data from local file changes via git commands to generate commit messages. This is a standard surface for indirect prompt injection where malicious code comments could attempt to influence the agent's output.
  - Ingestion points: Output of `git status --porcelain` and `git diff --cached` in SKILL.md.
  - Boundary markers: Absent; the agent is instructed to analyze the command output directly.
  - Capability inventory: Local git operations including `git add`, `git reset`, and `git commit` as defined in SKILL.md.
  - Sanitization: The skill includes a specific instruction to verify that secrets and `.env` files are excluded via `.gitignore` before staging changes.
Audit Metadata