commit-message
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill runs the command
git diff --cachedto access the code changes currently staged in the repository. This is an expected and safe behavior for its core functionality.\n- [PROMPT_INJECTION]: The skill provides an attack surface for indirect prompt injection by processing external data from git diffs.\n - Ingestion points: Diff data is ingested from the local file system using git commands.\n
- Boundary markers: Absent; the content is processed without specific delimiters.\n
- Capability inventory: The skill can only read the diff and generate a response, with no access to external networks or writable files.\n
- Sanitization: No content filtering is performed on the diff data.
Audit Metadata