rewrite-commit-history

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local Git commands such as git reset, git add, and git commit to manipulate repository history. While these are powerful operations, the skill mitigates risk by requiring a clean working directory (git status --porcelain), creating a backup branch (git branch backup/), and performing a final comparison (git diff HEAD ${BACKUP}) to confirm the file tree remains identical to the state before the rewrite.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it processes untrusted data from the repository's history.
      • Ingestion points: The skill reads external data via git log and git diff in Step 3 to analyze changes and propose a new commit structure.
      • Boundary markers: There are no explicit delimiters or system instructions used to prevent the agent from being influenced by instructions that might be embedded in existing commit messages or the source code being reviewed.
      • Capability inventory: The agent has the capability to modify the Git repository through automated reset and commit sequences in Step 6.
      • Sanitization: No sanitization or filtering is performed on the content of commit messages or file diffs before they are presented to the agent for planning.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 3, 2026, 01:37 PM