git-commit

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill's workflow involves executing several git CLI commands: git status to check the current repository state, git diff --staged to analyze code changes, and git log -5 --oneline to understand recent commit patterns. These are necessary for the skill's primary function.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection (Category 8) because it ingests and processes untrusted data from the local repository.
      • Ingestion points: The agent reads the output of git diff --staged and git log, which contains code and comments from the repository.
      • Boundary markers: Absent; there are no instructions or delimiters used to ensure the agent ignores instructions that might be contained within the code changes themselves.
      • Capability inventory: The skill utilizes git commands and expects the agent to generate text based on those results.
      • Sanitization: Absent; the skill does not include logic to filter or escape the content extracted from the repository before it is processed by the AI.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 15, 2026, 05:14 AM