git-conventional-commits

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the bash tool to perform version control tasks such as staging files (git add) and committing changes (git commit). It also analyzes the repository state using git status and git diff to automatically suggest appropriate commit types.
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection because it processes content from the local repository to generate commit messages.
      • Ingestion points: Data enters the process through git status and git diff commands executed in handlers/commit-with-preview.md.
      • Boundary markers: The system uses specific commit message rules (e.g., length limits, imperative mood) defined in rules/message-validation.md to guide the AI's output.
      • Capability inventory: The skill has the ability to stage files and create new commits in the local git repository.
      • Sanitization: A mandatory review step is implemented in handlers/format-and-preview.md, where the generated message is written to a session-specific preview file and the user must provide explicit confirmation via the ask_user tool before the commit is executed.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 26, 2026, 01:50 AM