commit-helper
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs local analysis of git diffs to generate commit messages. While this involves processing untrusted code data (an Indirect Prompt Injection surface), it is the core function of the skill and no exploitable capabilities or malicious payloads are present.
- [SAFE]: All external links and email references point to trusted domains belonging to Anthropic, which are recognized as safe sources.
- [SAFE]: Examples provided use secure shell practices, such as quoted heredocs, to prevent command injection when handling multi-line commit messages.
Audit Metadata