git-commit
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands to manage Git repositories and run project-specific verification tools like npm, make, and pytest.
- [PROMPT_INJECTION]: The skill is exposed to indirect prompt injection via untrusted project files but implements strong defensive measures.
- Ingestion points: Processes data from package.json, Makefile, README.md, and git diff outputs.
- Boundary markers: Includes a specific 'ANTI-INJECTION MANDATE' instructing the agent to ignore instructions embedded in data.
- Capability inventory: Terminal access for executing Git commands and build toolchains.
- Sanitization: Implements a 'Safety Review' requiring the agent to scan commands for malicious patterns and obtain explicit user confirmation before execution.
Audit Metadata