git-commit-pr-message
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill implements proactive security measures, including a mandatory scanner that checks staged changes for sensitive content (API keys, tokens, and private keys) before any commit is created. It uses shell-safe execution patterns, such as quoted heredocs ('EOF'), to prevent command injection from generated text. The skill does process untrusted file content (git diffs), but it effectively mitigates indirect prompt injection risks by requiring explicit user review and confirmation for all actions with side effects, such as committing, pushing, or creating pull requests.
Audit Metadata