git-commit-helper

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION] (MEDIUM): The skill instructs the agent to execute local shell commands, specifically git diff --staged, git status, and git commit. While these are standard git operations, direct command execution capability can be risky if the agent's reasoning is subverted.
  • [PROMPT_INJECTION] (HIGH): The skill is highly vulnerable to Indirect Prompt Injection (Category 8).
      • Ingestion points: The skill reads untrusted external data (source code changes) via git diff --staged as described in SKILL.md and references/git-commands.md.
      • Boundary markers: Absent. There are no instructions or delimiters provided to help the agent distinguish between its instructions and the content of the code diff.
      • Capability inventory: The skill possesses the ability to execute subprocess commands (git) and generate content based on external input, creating a feedback loop where malicious code could influence repository state (e.g., via git commit).
      • Sanitization: Absent. No validation or filtering is performed on the data returned from the filesystem before it is processed by the AI.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 05:54 AM