commit
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes local shell commands (git, gh) to perform its functions. These commands are standard for repository management and are executed after gathering information or receiving user confirmation.
- [PROMPT_INJECTION] (LOW): Vulnerable to Indirect Prompt Injection. The skill processes untrusted data (file diffs) to summarize changes. Malicious instructions embedded in the code being committed could influence agent behavior.
  - Ingestion points: `git diff` and `git diff --staged` outputs used in Steps 1, 5, and 7.
  - Boundary markers: None. The agent is not instructed to ignore instructions found within the diff data.
  - Capability inventory: Write access via `git checkout -b`, `git add`, and `git commit`; interaction with GitHub via `gh issue create`.
  - Sanitization: None.
Audit Metadata