git-squash
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes multiple Git commands, including history-altering operations like `git reset --soft` and `git push --force-with-lease`. These commands are standard and necessary for the skill's primary function of squashing commits.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from the repository environment to perform semantic analysis.
  - Ingestion points: The agent reads untrusted data from commit logs (`git log`) and code changes (`git diff`) to determine the intent and content of the squashed commit.
  - Boundary markers: The instructions lack explicit delimiters or safety instructions to distinguish between the agent's internal logic and potentially malicious instructions embedded within commit messages or code diffs.
  - Capability inventory: The skill possesses the capability to execute shell commands (`git`), write files (temporary commit message files), and interact with remote servers via Git push.
  - Sanitization: There is no evidence of sanitization or filtering applied to the commit logs or diff content before the agent processes them to derive a commit message.
Audit Metadata