commit-work
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill uses standard git commands (git status, git diff, git commit) and repository-specific verification steps (tests, lint, build) to fulfill its primary purpose. These actions are performed locally and are expected for a developer tool.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill ingests untrusted data via git diff. While this presents a surface for indirect injection, the skill's logic is restricted to summarizing and committing changes rather than executing instructions found within the diff content.
  - Ingestion points: Git diff output and working tree state (SKILL.md).
  - Boundary markers: Absent; relies on LLM instruction following.
  - Capability inventory: Git command execution and local test/build script execution (SKILL.md).
  - Sanitization: Absent; the skill relies on the agent's ability to distinguish between code changes and instructions.
Audit Metadata