git-commit
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes standard git commands (status, diff, add, commit) as part of its primary function.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes untrusted repository data via git diff, which could contain malicious instructions designed to manipulate the generated commit messages or staging logic. Evidence:
  1. Ingestion points: git diff and git diff --staged commands in SKILL.md.
  2. Boundary markers: None defined.
  3. Capability inventory: git add and git commit write operations.
  4. Sanitization: No sanitization of diff output.
- [PRIVILEGE_MANAGEMENT] (LOW): Instructions specify committing directly without user confirmation, which removes a human-in-the-loop verification step for filesystem changes.