commit
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill implements a proactive security measure in 'Step 1.5: Secret / Credential Scan'. This step instructs the agent to perform both value-pattern and field-name scans on the git diff output to detect API keys, private keys, and hardcoded credentials before they are staged or committed.
- [COMMAND_EXECUTION]: The skill uses local shell commands to execute Git operations (
git status,git add,git commit). These commands are standard for the skill's purpose and are executed locally without network transmission of the repository data. - [DATA_EXFILTRATION]: No evidence of unauthorized data transmission was found. The skill operates exclusively on the local Git repository and includes safeguards to prevent sensitive data from being committed to version history.
- [PROMPT_INJECTION]: The instructions are clear and task-oriented, focusing on Git lifecycle management without attempting to bypass safety filters or override system constraints.
Audit Metadata