skills/shotaiuchi/dotclaude/commit/Gen Agent Trust Hub

commit

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill performs git operations including status, diff, and commit. It explicitly notes that pre-commit hooks will be executed, which allows for the execution of arbitrary scripts within the repository context.
  • [PROMPT_INJECTION]: The skill contains both direct and indirect prompt injection surfaces. User arguments are interpolated into prompts, and the agent reads repository file diffs to generate messages.
      1. Ingestion points: User-provided message/scope arguments and file content via git diff.
      2. Boundary markers: No delimiters or safety markers are used to isolate untrusted data from instructions.
      3. Capability inventory: Sub-agent executes git commands and reads local files.
      4. Sanitization: The prompt includes a request to ignore specific files like .env, but does not filter the content of other files.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 28, 2026, 11:35 PM