commit
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection because it analyzes the content of staged changes via `git diff --staged`. Malicious content within the staged files could potentially influence the LLM's commit message generation process.
  - Ingestion points: File contents processed via `git diff --staged` as described in the instructions.
  - Boundary markers: Absent; there are no clear delimiters or instructions to ignore embedded instructions within the code diffs.
  - Capability inventory: Standard git operations including `git status`, `git diff`, and `git commit` via the `git-operations-specialist` dependency.
  - Sanitization: Absent; the skill does not explicitly sanitize or escape the content retrieved from the staged files.
- COMMAND_EXECUTION (SAFE): The skill utilizes standard version control commands (`git status`, `git diff`, `git commit`) that are appropriate for its stated purpose. No shell escape sequences, administrative privilege requests, or unsafe command patterns were detected.
Audit Metadata