commit
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes `git status`, `git diff`, `git commit`, and `git show` using shell escapes to perform repository operations. These actions align with the skill's intended purpose and operate on local data.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it analyzes untrusted data from staged files to generate a commit message.
  1. Ingestion points: Output of `git diff --staged` in SKILL.md.
  2. Boundary markers: No clear boundaries or instructions are provided to the agent to ignore instructions embedded in the diff output.
  3. Capability inventory: Includes the ability to commit changes and display commit details via shell commands.
  4. Sanitization: Diff content is not sanitized or escaped before processing.
Audit Metadata