commit-assistant
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (SAFE): The skill processes untrusted data from repository diffs and user input, creating a surface for indirect prompt injection. However, this is inherent to its primary purpose of analyzing code changes, and the risk is mitigated by the skill's lack of executable capabilities. Severity is dropped to SAFE per the primary skill purpose rule.\n
- Ingestion points: Git status and diff outputs are read into the context (File: SKILL.md).\n
- Boundary markers: Absent; diff content is not delimited from instructions.\n
- Capability inventory: None; the skill generates text only and contains no scripts, file-write operations, or network calls.\n
- Sanitization: None.\n- Data Exposure & Exfiltration (SAFE): The skill contains multiple explicit instructions to prevent sensitive data exposure, such as 'Never include secrets or credentials'. No network exfiltration vectors or hardcoded secrets were detected.
Audit Metadata