commit
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill runs Git commands to manage version control. It uses quoted HEREDOCs ('EOF') to safely handle multi-line commit messages, which prevents the shell from interpreting special characters or performing command substitution within the message body.\n- PROMPT_INJECTION (LOW): The skill is vulnerable to indirect prompt injection because it analyzes untrusted content from the repository (diffs and logs) to generate messages.\n
- Ingestion points:
git diff --cachedandgit log --oneline -5ingest code and history from the local repository.\n - Boundary markers: Absent. The skill does not delimit the diff content or instruct the agent to ignore instructions within the diff.\n
- Capability inventory:
git commitis used to modify the local repository state.\n - Sanitization: Shell-level protection is implemented via quoted HEREDOCs, but no semantic sanitization of the input text is present to prevent instruction injection.
Audit Metadata