commit-work
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill workflow requires the agent to execute various local shell commands to manage the git lifecycle and verify code quality. Evidence: Steps in SKILL.md include running 'git status', 'git diff', 'npm test', and 'node scripts/verify-registry.mjs'. These are expected behaviors for a git workflow assistant.
- [INDIRECT_PROMPT_INJECTION]: The skill processes potentially untrusted data from repository changes (diffs) during the review process. Ingestion points: The agent reads the output of 'git diff' as specified in SKILL.md workflow steps 1 and 5. Boundary markers: The skill does not use specific delimiters or instructions to ignore embedded commands within the diff content. Capability inventory: The agent has the capability to run local shell commands ('git', 'npm', 'node'). Sanitization: The skill relies on process-level safeguards, such as requiring manual user confirmation and a 'Self-Check' workflow, rather than automated string sanitization.
Audit Metadata