Skills
skills/kaiboo404/agent-skills-with-project-template/commit-conventions/Gen Agent Trust Hub

commit-conventions

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
  • Prompt Injection (LOW): The skill is susceptible to indirect prompt injection because it analyzes external, potentially untrusted data from git diffs.\n
  • Ingestion points: The skill ingests data from git diff --staged and files within the .context/ directory (e.g., conventions.md, specs/).\n
  • Boundary markers: The instructions do not define clear delimiters to separate the untrusted diff content from the agent's logic, increasing the risk that embedded instructions in code comments could be followed.\n
  • Capability inventory: The skill is limited to text generation and does not have the ability to execute shell commands, write files, or access the network.\n
  • Sanitization: There is no evidence of sanitization or filtering of the input diff data before it is processed by the LLM.\n- No Code (SAFE): The skill consists entirely of markdown instructions and templates without any associated scripts, binaries, or package dependencies.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 09:48 PM