commit
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious code, obfuscation, or unauthorized data access patterns were detected.
- [Indirect Prompt Injection] (SAFE): The skill utilizes external data (git diff and user prompt) to generate commit messages. This constitutes an indirect prompt injection surface. However, this is the primary purpose of the skill and is categorized as safe. Evidence Chain: 1. Ingestion points: Prompt arguments and git diff output. 2. Boundary markers: Absent. 3. Capability inventory: git add and git commit. 4. Sanitization: Absent.
- [Command Execution] (SAFE): The skill instructs the agent to execute standard git commands locally to manage code changes, which is consistent with its stated utility.
Audit Metadata