commit
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes git commands (status, diff, add, commit) to perform repository management tasks as described in SKILL.md.
- [PROMPT_INJECTION]: The instruction in Step 5 of SKILL.md to 'proceed immediately without asking for confirmation' reduces human oversight by removing the requirement for user approval before modifying the repository history.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection vulnerability surface: 1. Ingestion points: Untrusted content enters the context via 'git diff --staged' (SKILL.md). 2. Boundary markers: The instructions lack delimiters to isolate the diff data from the agent's internal logic. 3. Capability inventory: The skill has the capability to execute repository writes via 'git add' and 'git commit'. 4. Sanitization: No sanitization is applied to the data retrieved from the diffs before it is used to generate commit messages or execute actions.
Audit Metadata