git-master
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection vulnerability surface. The skill is designed to read and analyze the last 30 commit messages via `git log` to adapt its communication style and formatting. This process ingests untrusted data from the repository history which could contain malicious instructions designed to influence the agent.
  - Ingestion points: Commit messages retrieved via `git log -30`.
  - Boundary markers: No explicit markers or instructions are provided to the agent to ignore potentially malicious content within the commit history.
  - Capability inventory: Access to local Git repository history and the ability to execute Git commands.
  - Sanitization: The skill lacks any mechanism to sanitize or filter the content of commit messages before processing them for style detection.
- [COMMAND_EXECUTION]: The skill provides various shell-based Git commands for history management, including `git log`, `git blame`, and `git bisect`. While these are legitimate tools for the skill's purpose, they grant the agent the capability to execute commands that traverse and interact with the local filesystem's metadata.