Skills
skills/microsoft-foundry/foundry-agent-webapp/committing-code/Gen Agent Trust Hub

committing-code

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests untrusted data from the repository's staged changes to generate commit messages.\n
  • Ingestion points: Processes staged code changes through git diff --staged in SKILL.md.\n
  • Boundary markers: The instructions do not define delimiters or specific warnings to ignore instructions embedded within the staged code.\n
  • Capability inventory: The skill has the capability to write to a local file (COMMIT_MESSAGE.md) and execute shell commands (git commit -F).\n
  • Sanitization: Staged content is not sanitized or escaped before processing to generate the commit body.\n- [COMMAND_EXECUTION]: The skill workflow involves executing local git commands to interact with the repository.\n
  • Evidence: Uses git diff --staged and git commit -F COMMIT_MESSAGE.md as specified in the workflow section of SKILL.md.\n
  • Context: Command usage is limited to the skill's primary purpose and uses predefined file paths and arguments.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 02:38 AM