git-commit-and-submit-pr
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill creates an indirect prompt injection surface by interpolating $ARGUMENTS into git command executions. Ingestion points: The $ARGUMENTS variable passed in SKILL.md. Boundary markers: No markers or 'ignore' instructions are used to separate user data from commands. Capability inventory: Orchestrates system shell access via the Bash tool. Sanitization: No input validation or escaping is implemented.
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to perform git operations, which involves executing commands within the system environment.
- [NO_CODE]: The skill contains no executable scripts or binary files and functions solely as a set of high-level instructions for the agent.
Audit Metadata