conventional-commits
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [No Code] (SAFE): This skill consists entirely of Markdown instructions and examples. There are no scripts, binaries, or configuration files that execute commands on the host system.
- [Prompt Injection] (SAFE): The content provides clear formatting rules without attempting to override the agent's core safety guidelines or ignore previous instructions.
- [Data Exposure & Exfiltration] (SAFE): No network operations, sensitive file path access, or hardcoded credentials were detected.
- [Indirect Prompt Injection] (INFO): The skill is designed to process external data (git diffs and user-provided descriptions). However, because the skill has no side-effect capabilities (no file writing, no network access, no command execution), the risk of malicious data influencing the system through this skill is negligible.
Audit Metadata