commit
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands to configure git identity and perform commits. This includes executing git config, git add, and git commit. This functionality is essential for the skill's primary purpose.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) as it retrieves data from an external file (CLAUDE.md).
  - Ingestion points: Automation configuration data (bot_account, bot_email, owner_account, owner_email) is read from the CLAUDE.md file.
  - Boundary markers: There are no explicit boundaries or warnings to prevent the agent from executing instructions potentially embedded in these configuration values.
  - Capability inventory: The agent has the capability to execute git commands and modify repository state.
  - Sanitization: There is no evidence of sanitization or validation of the input fields before they are used in command-line interpolation.