semantic-commit
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local git commands including status, diff, log, and commit within a shell environment to manage the repository state.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests data from git diffs and logs which could contain malicious instructions. Evidence: 1. Ingestion points: The skill reads output from
git diff,git diff --staged, andgit log --oneline -5in SKILL.md. 2. Boundary markers: No explicit markers are used to isolate the diff content from instructions. 3. Capability inventory: The skill has the ability to execute git commands on the local system. 4. Sanitization: A mandatory user review step is provided to confirm the generated commit message before it is finalized.
Audit Metadata