git-commit

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands including git diff --cached and git commit to retrieve staged changes and commit them to the repository. These operations are essential for the skill's stated purpose but involve direct interaction with the host system's shell.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection by processing untrusted data from the local repository diffs.
    • Ingestion points: External data enters the context via the git diff --cached command output (SKILL.md).
    • Boundary markers: There are no markers or delimiters defined to isolate the diff content from the skill's instructions.
    • Capability inventory: The skill has the capability to execute git commit and generate natural language output based on the diff (SKILL.md).
    • Sanitization: No validation or sanitization is performed on the diff content, meaning malicious instructions embedded in code comments or files could influence the agent's logic or the resulting commit message.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 28, 2026, 01:05 AM