conventional-commit

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill's primary logic in SKILL.md requires the execution of local git commands, including 'git status', 'git diff --staged', and 'git commit -m', to analyze repository state and finalize commits.
  • [EXTERNAL_DOWNLOADS]: The report.html file, used for reviewing evaluation results, fetches external scripts and styles from well-known technology providers: cdn.sheetjs.com for the SheetJS library and fonts.googleapis.com for typography.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes untrusted data from repository diffs.
    1. Ingestion points: The agent reads the output of 'git diff --staged' (defined in SKILL.md).
    2. Boundary markers: The instructions lack explicit delimiters or 'ignore' directives for content within the diff.
    3. Capability inventory: The agent is authorized to execute 'git commit -m', which could be influenced by malicious instructions in the diff.
    4. Sanitization: There is no evidence of sanitization or filtering applied to the diff output before it is analyzed by the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 8, 2026, 07:32 AM