commit-helper
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill executes local git commands (
git diff,git log) to collect context. These are standard read-only operations for development workflows and do not involve administrative privileges or network requests. - PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection (Category 8). It ingests untrusted data from the local repository and interpolates it directly into the prompt without sanitization or clear boundary markers.
- Ingestion points: Output from
git diff --stagedandgit login SKILL.md. - Boundary markers: Absent; git output is included as raw text.
- Capability inventory: Instructions imply the agent has the capability to generate and suggest (or execute) shell commands for committing.
- Sanitization: No evidence of escaping or filtering content from the diff output.
Audit Metadata