Skills
skills/re2zero/deepin-skills/git-commit-workflow/Gen Agent Trust Hub

git-commit-workflow

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill ingests and processes untrusted output from git commands which could contain malicious instructions.\n
  • Ingestion points: SKILL.md instructions for Step 1 and Step 3 involve reading output from git status and git diff --staged.\n
  • Boundary markers: Absent; there are no explicit delimiters or instructions for the AI to disregard instructions embedded in the file diffs.\n
  • Capability inventory: The skill possesses the ability to execute git add and git commit commands via bash.\n
  • Sanitization: None; the AI processes raw diff output to generate commit messages without sanitization.\n- [Data Exposure & Exfiltration] (SAFE): The skill reads local repository data but does not contain any patterns for external exfiltration.\n
  • Evidence: SKILL.md uses git diff to analyze changes and git remote get-url to identify the repository, which are standard for git utilities.\n
  • Mitigation: No network tools (e.g., curl, wget) or external communication capabilities are defined in the skill logic.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:19 PM