commit
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes various git commands such as `git commit`, `git merge`, `git branch`, and `git push`. It also performs local file system operations to move task-related files into an archive directory. Risks are mitigated by the requirement for explicit user confirmation before any commit, push, or branch deletion operation.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes untrusted data from git diffs and task files to generate commit titles and rationales.
  - Ingestion points: The skill reads the output of `git status` and `git diff`, as well as task description files matching the pattern `tasks/f-##-*.md`.
  - Boundary markers: There are no explicit delimiters or markers defined to separate the untrusted diff/file content from the agent's internal instructions.
  - Capability inventory: The skill can execute git commands that modify the repository history, manipulate branches, and communicate with remote repositories.
  - Sanitization: The skill does not specify any sanitization, filtering, or validation for the external content retrieved from the diffs or task files.
Audit Metadata