skills/sirn/dotfiles/code-commit/Gen Agent Trust Hub

code-commit

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local jj and git commands (such as jj diff, jj log, jj describe, and jj split) to inspect and modify the repository state. These commands are necessary for the skill's intended purpose and operate on the local file system.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) because it ingests and processes content that could be controlled by an attacker.
      • Ingestion points: The skill reads untrusted content from the repository through jj diff and jj log.
      • Boundary markers: The skill lacks explicit delimiters or instructions telling the agent to treat the repository content as passive data or to ignore embedded instructions.
      • Capability inventory: The agent has the ability to modify the repository using jj describe and jj split based on the data it analyzes.
      • Sanitization: No sanitization or validation of the repository content is performed before the agent processes it.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 9, 2026, 01:14 AM