git-committer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes local
gitcommands (status, diff, add, commit) to perform its primary function. This is standard behavior for a version control assistant. - [DATA_EXPOSURE] (SAFE): The skill implements a security best practice by explicitly instructing the agent to ignore and filter environment variables (
.env) and build configurations (vite.config.ts,webpack.config.js) from the commit process, reducing the risk of accidental secret exposure. - [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes untrusted data from local files via
git diffoutputs. - Ingestion points: Analyzes file content changes in
SKILL.mdsteps 1 and 3. - Boundary markers: None explicitly defined for the diff content interpolation.
- Capability inventory: Can execute
git addandgit commitcommands. - Sanitization: Filters sensitive file extensions and specific filenames.
- [USER_CONFIRMATION] (SAFE): Step 7 of the workflow mandates explicit user consent before any
git commitexecution, ensuring the user remains in control of the repository state.
Audit Metadata