commit
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection due to its interaction with untrusted external data.
- Ingestion points: The skill processes git staged changes and repository diffs (implied by its 'commit' purpose) as described in SKILL.md.
- Boundary markers: No explicit delimiters or instructions are provided in the metadata to prevent the agent from following instructions found in the git data.
- Capability inventory: The skill is configured with 'allowed-tools: [Bash]', providing a path for command execution on the host system.
- Sanitization: No evidence of sanitization or validation logic is present to filter or escape content from the git repository before it is processed by the agent.
Audit Metadata