format-commit-message
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- SAFE (SAFE): No malicious patterns, obfuscation, or data exfiltration attempts were found. The skill provides a legitimate utility for formatting git commit messages according to the Conventional Commits specification.
- NO_CODE (SAFE): The skill is composed entirely of natural language instructions and Markdown templates. It does not include any Python or Node.js scripts, binaries, or shell commands, which eliminates common technical attack vectors like remote code execution or privilege escalation.
- PROMPT_INJECTION (LOW): The skill ingests untrusted data in the 'description' and 'body' fields to generate the final message. While it lacks explicit boundary markers or sanitization, the skill possesses no exploitable capabilities (such as network access or file-system modification) that could be triggered by malicious instructions embedded in the input data. The threat is categorized as LOW/INFO because the skill's only action is returning formatted text.
Audit Metadata