AGENT LAB: SKILLS

git-commit

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill is susceptible to indirect prompt injection as it requires the agent to analyze the contents of git diffs to generate commit messages.
      • Ingestion points: Untrusted data enters the context via git diff, git diff --staged, and git status --porcelain in SKILL.md.
      • Boundary markers: Absent. The skill does not instruct the agent to disregard instructions found within the code changes being analyzed.
      • Capability inventory: The skill has Bash tool access and executes git add and git commit commands.
      • Sanitization: Absent. There is no evidence of filtering or escaping the content of the diff before it is used to generate the commit message or CLI arguments.
  • [Command Execution] (SAFE): The skill uses Bash to execute standard git operations. It includes a 'Git Safety Protocol' that explicitly forbids destructive operations like force pushing or hard resets without user consent.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 04:34 PM