git-commit
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted local data to determine agent behavior.
  - Ingestion points: `SKILL.md` (Workflow steps 1 and 2) instructs the agent to run `git diff --staged` and `git log` to gather context.
  - Boundary markers: Absent; the output of git commands is ingested directly into the prompt context without delimiters or warnings to ignore embedded instructions.
  - Capability inventory: `references/quick-reference.md` lists `git commit` commands which are triggered as the final step of the workflow.
  - Sanitization: Absent; there is no validation or escaping of the content retrieved from the repository state.
- [COMMAND_EXECUTION]: The skill facilitates the execution of local git commands as part of its core functionality.
  - Evidence: `references/quick-reference.md` provides bash commands for `git diff`, `git log`, `git status`, and `git commit`. These are standard tools for the skill's intended purpose of managing version control commits.
Audit Metadata