commit-conventions

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE [COMMAND_EXECUTION] [PROMPT_INJECTION]
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes Git CLI commands including git status, git diff, git add, and git commit, and is authorized to execute project-specific formatting commands to resolve hook failures.
  • [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection by incorporating untrusted data from the repository into its instructions.
      • Ingestion points: Reads repository-specific rules from AGENTS.md and context from git diff outputs.
      • Boundary markers: Absent; the instructions explicitly direct the agent to 'apply any git/commit rules' found in the local file without qualification.
      • Capability inventory: The skill can stage files, perform commits, and execute arbitrary local formatter commands.
      • Sanitization: No sanitization or verification of the content in AGENTS.md is performed before the agent treats it as an instruction.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 12, 2026, 12:57 AM