git-commit
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Categories: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted data from git diffs using sub-agents to generate commit messages and analyze breaking changes. This creates a surface for indirect prompt injection where malicious instructions embedded in code comments or diff content could attempt to influence the agent's summary or instructions.
  - Ingestion points: git diff output (SKILL.md)
  - Boundary markers: not explicitly defined for diff content
  - Capability inventory: shell command execution (git), file read/write, and task management
  - Sanitization: no specific sanitization mentioned for the diff content before it is passed to agents
- [COMMAND_EXECUTION]: The skill utilizes a PreToolUse hook to run a shell script (pre-commit-lint.sh) which automatically detects and executes linting commands from the project workspace. This includes executing targets from a Makefile or scripts from package.json. While standard for development, this behavior could be exploited if the agent is directed to work on a malicious repository containing compromised configuration files.
Audit Metadata