commit
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes standard Git commands (git status, git add, git diff, git commit, git config, git branch, git checkout) and project-specific linting commands (pnpm lint, npm run lint, yarn lint, bun lint) to automate development workflows.
- [PROMPT_INJECTION]: The skill incorporates an attack surface for indirect prompt injection because it reads and analyzes output from
git diff, which may contain untrusted instructions embedded in the codebase. Ingestion point: git diff command output (SKILL.md). Boundary markers: None. Capability inventory: git and package manager commands (SKILL.md). Sanitization: None. This surface is expected for tools that analyze source code changes.
Audit Metadata