commit
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill uses standard development commands `git diff --staged` and `git commit` as part of its primary functionality. These operations are performed on the local repository as requested by the user.
- PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection through its ingestion of untrusted data.
  - Ingestion points: The agent reviews staged changes via `git diff --staged` as specified in `SKILL.md`.
  - Boundary markers: Absent. The instructions do not provide delimiters or warnings to ignore instructions embedded within the diff content.
  - Capability inventory: The agent has the capability to execute `git commit` based on its analysis.
  - Sanitization: Absent. There is no logic to filter or sanitize the content of the diff before the agent processes it to generate the commit message.
Audit Metadata