git-commit-helper

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION

Full Analysis
  • [COMMAND_EXECUTION]: The skill triggers the execution of various git shell commands to inspect the repository state and perform commits.
    • Evidence: SKILL.md includes instructions to run git status, git diff, git add, and git commit with multi-line arguments.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it ingests and processes untrusted data from the local file system without isolation.
    • Ingestion points: git diff and git diff --cached outputs in SKILL.md Step 1.
    • Boundary markers: Absent. The skill does not define delimiters or provide instructions to ignore natural language instructions found within the code differences.
    • Capability inventory: The agent has access to file system modification through git add and git commit commands in SKILL.md Step 4.
    • Sanitization: Absent. The skill does not specify any validation or sanitization for the content read from the diffs before it is used to generate responses.

Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 21, 2026, 08:45 AM