git-commit-pro
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): Executes git diff and git diff --cached to analyze local changes. This allows the agent to read the repository contents, which is necessary for functionality but constitutes local data access.
- [PROMPT_INJECTION] (LOW): The skill has an indirect prompt injection surface because it processes untrusted repository content.
  1. Ingestion points: Ingests repository content from git diff output as specified in SKILL.md.
  2. Boundary markers: Absent; there are no instructions to distinguish between diff content and agent instructions.
  3. Capability inventory: Text generation only; no file-writing or network capabilities identified in the skill instructions.
  4. Sanitization: None; external content from the diff is processed directly to generate the message.
Audit Metadata