conventional-commits
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): No instructions attempting to override agent behavior or bypass safety filters were detected.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network operations were found.
- [Unverifiable Dependencies] (SAFE): No external packages or remote scripts are referenced or installed.
- [Indirect Prompt Injection] (LOW): This skill handles untrusted data as an inherent part of its function. 1. Ingestion points: User-provided code changes and descriptions are used to generate commit messages. 2. Boundary markers: No explicit delimiters or instruction-ignore warnings are defined. 3. Capability inventory: The skill is restricted to text generation for formatting purposes and lacks file-write, network, or command execution capabilities. 4. Sanitization: No input validation is performed. The risk is LOW as the output is purely informational and lacks side-effect potential.
- [Obfuscation] (SAFE): All content is clearly readable markdown with no encoded segments or hidden characters.
Audit Metadata