Skills
NYC
skills/smithery/ai/conventional-commit/Gen Agent Trust Hub

conventional-commit

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION] (HIGH): The skill is susceptible to Indirect Prompt Injection (Category 8) because it processes untrusted data to perform actions with side effects.
  • Ingestion points: The agent reads file content via git diff and repository history via git log.
  • Boundary markers: No specific delimiters are used to separate the untrusted diff data from the agent's instructions.
  • Capability inventory: The skill executes git add and git commit, allowing it to modify the repository state.
  • Sanitization: While it includes a rule to skip files that appear to contain secrets (e.g., .env), it does not sanitize file content for embedded instructions. An attacker could place malicious instructions in code comments to influence the commit message or staging process.
  • [COMMAND_EXECUTION] (LOW): The skill uses local git commands (git status, git diff, git add, git commit) to perform its intended task. These commands are executed within the local repository context.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 06:30 AM