git-pushing
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Categories: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a shell script `scripts/smart_commit.sh` which runs `git` commands (`add`, `commit`, `push`) to modify and transmit repository data.
- [DATA_EXFILTRATION]: The script performs a `git push` to the remote 'origin' branch, transferring local repository data to an external server.
- [DATA_EXFILTRATION]: The implementation uses `git add .`, which indiscriminately stages every file in the current directory. This is a risky pattern as it can capture sensitive files like `.env`, secrets, or private keys that are not intended for the remote repository if a `.gitignore` is missing or misconfigured.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface through the processing of untrusted commit messages.
  - Ingestion points: The user-provided commit message is passed as a command-line argument to `scripts/smart_commit.sh`.
  - Boundary markers: The workflow described in `SKILL.md` lacks explicit delimiters or instructions to ignore potential commands embedded within the message.
  - Capability inventory: `scripts/smart_commit.sh` has the capability to stage any file in the workspace, create commits, and push to remote branches.
  - Sanitization: While the message variable is double-quoted to prevent basic shell injection, no sanitization or validation of the message content itself is performed.
Audit Metadata