commit
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses dynamic context injection in
SKILL.mdto executegit status,git diff HEAD, andgit logwhen the skill is loaded. These are read-only operations used to provide the agent with repository context and do not involve network access or the injection of user-supplied arguments into the shell. - [COMMAND_EXECUTION]: The skill's primary workflow involves executing
git addandgit commitcommands. The instructions specifically advise against using global flags likegit add .to prevent the accidental staging of unwanted or sensitive files. - [SAFE]: The skill includes explicit security rules, such as
NEVER commit secretsand instructions to abort the process if staged files are found to contain credentials or sensitive information. - [SAFE]: The skill logic is localized to git operations within the repository and does not attempt to access external networks, modify system configurations, or achieve persistence.
Audit Metadata