Skills
skills/charon-fan/agent-playbook/commit-helper/Gen Agent Trust Hub

commit-helper

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute git diff for reviewing changes and git commit for applying the generated messages. It also executes a local Python script (scripts/validate_commit.py) to ensure messages adhere to formatting standards.
  • [PROMPT_INJECTION]: The skill processes untrusted data in the form of git diff output. This presents a surface for indirect prompt injection where malicious instructions embedded in the codebase being committed could potentially influence the agent's behavior. However, the skill's capabilities are limited to Git operations and message formatting.
  • Ingestion points: SKILL.md describes a workflow that involves running git diff to review changes.
  • Boundary markers: No specific delimiters or instructions to ignore embedded commands are present for the diff content.
  • Capability inventory: Bash, Read, Write, Edit, Grep tools allowed in SKILL.md.
  • Sanitization: The validate_commit.py script validates the structure of the message but does not sanitize the content of the diff itself.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 14, 2026, 02:05 AM