commit
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes specific git subcommands (status, diff, add, commit) to perform its tasks. These operations are limited to the git binary and are appropriate for the skill's description.
- [PROMPT_INJECTION]: The skill ingests data from local file changes and commit history. While this is an indirect injection surface, there are no instructions that would cause the agent to deviate from its intended role.
- [SAFE]: The skill explicitly advises against committing sensitive environment files (.env) and provides instructions on escaping shell arguments, demonstrating a focus on basic security hygiene.
Audit Metadata