micro-commit
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection risk surface identified.
- Ingestion points: The skill analyzes unstaged file contents to determine grouping logic for micro-commits.
- Boundary markers: Absent. The instructions do not specify how to distinguish between legitimate code changes and embedded instructions.
- Capability inventory: Executes shell commands for git operations (
git add,git commit) via thegit-operations-specialisttool. - Sanitization: Absent. The skill does not filter or sanitize the file contents before analysis.
- [COMMAND_EXECUTION] (SAFE): The skill uses git commands as its primary function. While it executes commands, these are restricted to the intended purpose of repository management and do not exhibit malicious patterns like privilege escalation or persistent access.
Audit Metadata