commit-work
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill ingests untrusted data from the git working tree which can lead to indirect prompt injection. 1. Ingestion points: git diff, git diff --stat, and git status (SKILL.md). 2. Boundary markers: None. 3. Capability inventory: Command execution via git and pwsh (SKILL.md). 4. Sanitization: None.
- COMMAND_EXECUTION (SAFE): The skill utilizes git and PowerShell commands which are appropriate for a repository management tool. Evidence: Instructions in SKILL.md reference git operations and a helper script committer.ps1.
Audit Metadata