commit
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes various git commands, including
git add,git commit, andgit push, to manage the repository state. This is required for the skill's primary function. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. 1. Ingestion points: The skill reads file diffs via
git diff --cachedin the context collection and staging steps. 2. Boundary markers: No delimiters or specific 'ignore instructions' warnings are applied to the ingested diff content. 3. Capability inventory: The skill can perform filesystem modifications and remote network pushes via the git CLI. 4. Sanitization: There is no evidence of sanitization or validation of the diff data before it is analyzed to generate commit messages.
Audit Metadata