git-commit
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to perform standard Git operations such as staging files and creating commits. These actions are restricted to the local environment and are consistent with the skill's stated purpose.
- [DATA_EXFILTRATION]: Includes proactive safety instructions to prevent the exposure of sensitive files like '.env', 'credentials.json', and private keys by explicitly instructing the agent never to commit them.
- [INDIRECT_PROMPT_INJECTION]: The skill analyzes file content through 'git diff', which presents a surface for indirect prompt injection. 1. Ingestion points: 'git diff' and 'git diff --staged' outputs in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: File staging and committing via Bash. 4. Sanitization: Absent.
Audit Metadata