changelog
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Potential for indirect prompt injection due to processing untrusted git commit history content.
- Ingestion points: The skill ingests data from git commit messages using
git logcommands as described in SKILL.md. - Boundary markers: There are no explicit delimiters or instructions provided to the agent to distinguish between the commit data and the core instructions.
- Capability inventory: The skill is granted permissions for
Bash(git:*),Read,Write, andEdittools. - Sanitization: The instructions do not include steps to sanitize or validate the content of the commit messages before they are processed or written to files.
Audit Metadata