Skills
skills/ekroon/tabctl/git-commit/Gen Agent Trust Hub

git-commit

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to perform standard Git operations.
  • It uses commands such as git diff, git status, git add, and git commit to manage repository state.
  • A "Git Safety Protocol" is implemented to mitigate risk, explicitly prohibiting the agent from modifying Git configuration, skipping hooks, or performing destructive actions like --force or hard reset without explicit user request.
  • [PROMPT_INJECTION]: The skill contains an indirect prompt injection attack surface due to its analysis of untrusted repository data.
  • Ingestion points: The agent reads potentially untrusted code content through git diff and git status --porcelain as described in SKILL.md.
  • Boundary markers: The provided instructions do not specify the use of delimiters or isolation techniques to separate code diffs from the agent's internal instructions.
  • Capability inventory: The agent can perform file system staging and commit operations via the Bash tool.
  • Sanitization: There are no documented steps for sanitizing or escaping the content of the diffs before they are processed by the LLM for message generation.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 28, 2026, 12:00 PM