skills/derogab/agent-kit/commit/Gen Agent Trust Hub

commit

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute 'git' commands (diff, branch, log, and commit). These operations are restricted to the local repository and do not require elevated privileges.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it processes untrusted data from the repository's diffs and logs.
    1. Ingestion points: 'git diff --staged' and 'git log' outputs are used as context in SKILL.md.
    2. Boundary markers: The skill does not use specific delimiters or warnings to isolate the retrieved context from the instructions.
    3. Capability inventory: The skill can perform 'git commit' actions to record changes in the repository.
    4. Sanitization: No sanitization or filtering is applied to the content retrieved from the git repository before it is processed.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 8, 2026, 10:57 PM