commit-message
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses a Python script
scripts/analyze_git.pywhich executes shell-based Git commands usingsubprocess.run(shell=True). While the commands are hardcoded in the script, this capability is used to extract repository information.\n- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its processing of repository state.\n - Ingestion points: Git diff statistics and file names are read from the local repository state in
scripts/analyze_git.py.\n - Boundary markers: The skill lacks explicit delimiters or instructions to ignore potential commands embedded within file names or Git diff data.\n
- Capability inventory: The skill is capable of executing Git commands via the provided script and suggesting further commands to the user.\n
- Sanitization: There is no evidence of sanitization or escaping of the Git metadata before it is processed by the agent.
Audit Metadata