commit-message-formatter
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION, NO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill presents an indirect prompt injection surface because it is designed to format user-controlled commit messages while having access to system-level tools.
  1. Ingestion points: user requests containing commit message strings.
  2. Boundary markers: absent; the skill does not instruct the agent to ignore instructions embedded within the commit messages.
  3. Capability inventory: the Bash, Write, Edit, Read, and Grep tools are requested in the SKILL.md metadata.
  4. Sanitization: absent; no validation or escaping of the input is defined.
- [Command Execution] (LOW): The skill requests access to the Bash tool, which increases the potential impact if a prompt injection is successful.
- [No Code] (SAFE): No scripts, Python packages, or binaries were included in the provided skill files.
Audit Metadata