human-commit
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local git commands (git diff, git status, git log) to retrieve the state of the repository. These commands are used as intended for the skill's primary purpose of analyzing code changes.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from the local repository's diffs and logs.
  - Ingestion points: Data is ingested through git diff --cached, git diff HEAD, and git log --oneline -5.
  - Boundary markers: No specific boundary markers or instructions are provided to the model to ignore potential instructions embedded within the code changes.
  - Capability inventory: The skill's capabilities are limited to reading git metadata and generating text; it does not perform network operations or write to the filesystem.
  - Sanitization: The skill does not perform sanitization or filtering of the diff content before processing.
Audit Metadata