skills/hebertpaziam/skills/git-commit/Gen Agent Trust Hub

git-commit

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it is designed to analyze potentially untrusted source code and diffs to generate commit messages.
      • Ingestion points: External data enters the agent's context via git diff, git diff --staged, and git status --porcelain as described in the Workflow section of SKILL.md.
      • Boundary markers: The instructions do not define explicit markers or delimiters to help the agent distinguish between repository content and its own instructional logic.
      • Capability inventory: The skill utilizes the Bash tool for staging and committing changes, which involves file system interactions.
      • Sanitization: There is no mechanism to sanitize or validate the content of the diffs to prevent embedded instructions (e.g., in code comments) from influencing the agent's behavior during the commit message generation process.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 29, 2026, 07:55 PM