conventional-commits
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- SAFE (SAFE): No malicious patterns detected. The skill consists entirely of text-based instructions for the agent.
- Indirect Prompt Injection (INFO): The skill processes untrusted data from git diffs. While this allows for potential prompt injection, the lack of side-effect capabilities (no write, network, or execute) makes this an information-only finding.
- Data Exposure (INFO): The skill reads staged code changes to provide summaries, which is a functional requirement but involves processing repository content.
Audit Metadata