Skills
skills/bulls-cows/skills/yy-commit/Gen Agent Trust Hub

yy-commit

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface by reading and interpreting untrusted data from the local file system.
  • Ingestion points: The agent reads file changes via git diff and project documentation such as AGENTS.md or README.md (SKILL.md).
  • Boundary markers: There are no explicit markers or instructions to isolate analyzed code content from the agent's control logic, which could allow malicious code comments to influence the agent's behavior or commit message generation.
  • Capability inventory: The skill allows the agent to execute shell commands (git add, git commit) to modify the repository state.
  • Sanitization: File content and diff data are processed without sanitization or filtering before being interpolated into the reasoning context.
  • [COMMAND_EXECUTION]: The skill relies on executing local shell commands (git status, git diff, git log, git add, git commit). While these are intended for the git workflow, they represent a capability that could be misused if the agent's reasoning is compromised by external input during the context analysis phase.
Audit Metadata
Risk Level
SAFE
Analyzed
May 7, 2026, 06:37 AM