commit
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill demonstrates safe behavior by interacting only with the local git repository using a set of predefined, restricted bash commands. No remote connections or unauthorized file access patterns were found.
- [PROMPT_INJECTION]: No direct prompt injection or safety bypass attempts were identified. The skill correctly uses agent roles for task instruction. An indirect prompt injection surface exists as the skill reads untrusted file content via git diff. Ingestion points: git status, git diff, and git ls-files outputs in SKILL.md. Boundary markers: Absent. Capability inventory: git add and git commit in SKILL.md. Sanitization: The skill implements proactive scanning for secrets, API keys, and conflict markers.
- [DATA_EXFILTRATION]: The skill proactively guards against data exposure by checking the diff for sensitive information and blocking commits that include hardcoded secrets, private keys, or .env files.
Audit Metadata