commit
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes multiple shell commands using the 'Bash' tool to interact with the git version control system for staging, committing, and pushing changes as defined in SKILL.md.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection. 1. Ingestion points: The agent reads untrusted data from the local file system using 'git diff' and 'git diff --cached' in SKILL.md. 2. Boundary markers: There are no explicit delimiters or instructions provided to the agent to distinguish between code changes and potential malicious instructions embedded within the files. 3. Capability inventory: The agent has the ability to execute 'git add', 'git commit', and 'git push' commands, which allows it to modify the repository and push changes to a remote server. 4. Sanitization: There is no evidence of sanitization or filtering of the file content before it is analyzed by the model.
Audit Metadata