commit-work
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes standard, well-defined git commands (status, diff, add, commit, restore) to perform its stated tasks. There are no patterns suggesting arbitrary command injection or unsafe execution of user-supplied strings.
- [DATA_EXPOSURE] (SAFE): While the skill reads local file changes through git diff, it includes a specific 'Sanity check' in step 4 of the workflow to explicitly avoid staging secrets or tokens. No network exfiltration patterns were detected.
- [INDIRECT_PROMPT_INJECTION] (LOW): The agent reads untrusted data from the local working tree (the code being committed). Although this presents a surface for indirect prompt injection, the skill's rigid workflow and focus on structured output (Conventional Commits) make successful exploitation unlikely.
- [EXTERNAL_DOWNLOADS] (SAFE): The skill does not reference or download any external packages or remote scripts.
Audit Metadata