git-commit
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes standard git commands (
git status,git diff,git add,git commit,git push) required for its primary function. There are no signs of arbitrary or malicious command execution. - [DATA_EXFILTRATION] (SAFE): While the skill pushes code to a remote repository, this is the intended behavior of the
git pushcommand targeting the user's configured upstream. No unauthorized network requests were detected. - [INDIRECT_PROMPT_INJECTION] (LOW): The skill reads untrusted data from local files via
git diffto help the AI generate a commit message. While this data could contain malicious instructions designed to influence the AI's output, the impact is limited to the generated text and the skill provides guidelines to the agent for validation. - Ingestion points:
git status,git diffoutputs. - Boundary markers: None explicitly defined in the command structure.
- Capability inventory: Local file reading and git command execution.
- Sanitization: The skill includes a manual 'Safety Checks' section instructing the agent to verify files before proceeding.
Audit Metadata