git-commit-conventional
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and analyzes the output of git diff, git log, and git status, any of which can carry attacker-controlled text (commit messages, code comments, file names) containing instructions aimed at the agent.
  - Ingestion points: Output of the git commands that SKILL.md uses to inspect repository changes and history.
  - Boundary markers: No delimiters or framing instructions isolate the diff data from the agent's own instructions, so the agent has no structural cue that the ingested text is data rather than directions.
  - Capability inventory: The agent can run git add, git commit, and pre-commit run, so an injected instruction has write effects (staging, committing, triggering hooks) to aim at.
  - Sanitization: The skill includes a quality review step (references/review-guardrails.md), but that review is performed by the same LLM context that has already read the untrusted data, so it cannot be relied on to catch an injection that has already taken effect.
- [COMMAND_EXECUTION]: The skill executes local commands to drive the git workflow.
  - Evidence: It runs standard git commands, including git status, git log, git diff, git add, and git commit.
  - Evidence: It runs pre-commit run, which executes the hooks defined in the repository's .pre-commit-config.yaml. This is standard development practice, but the hooks are code selected by whoever controls the repository configuration (a "repo: local" hook runs whatever "entry" command it declares), so that configuration deserves review before the skill runs it in an untrusted checkout.
Audit Metadata