git
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE, COMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill defines conventional commit standards and pull request templates that follow industry-standard practices without any malicious instructions or bypass attempts.
- [COMMAND_EXECUTION]: Employs standard version control and repository management tools including `git` and `gh` (GitHub CLI). These tools are used as intended for checking status, creating commits, and managing pull requests.
- [DATA_EXFILTRATION]: Includes defensive instructions to mitigate accidental data exposure by specifically advising against bulk staging commands (like `git add .`) to prevent leaking secrets or binaries into the repository history.
- [PROMPT_INJECTION]: The skill interacts with external data by reading git diffs and issue content to generate descriptions. While this is an ingestion surface, the risk is limited to metadata generation (commit/PR messages) and the skill explicitly instructs the agent to derive commit types from the code diff rather than user descriptions, providing a layer of validation.
Audit Metadata