commit-work
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill outlines a standard git workflow for reviewing, staging, and committing changes.
- [SAFE]: It proactively includes security 'Sanity checks' (Step 4) to ensure no secrets, tokens, or accidental debug logs are included in the commit.
- [COMMAND_EXECUTION]: The skill executes local repository commands (git) and scripts (tests, lint, build) as part of its primary function to stage, commit, and verify code changes.
- [PROMPT_INJECTION]: A surface for indirect prompt injection exists because the skill ingests local file changes ('git diff' output). Boundary markers: None specified. Capability inventory: 'git' command execution and running repository-defined verification scripts. Sanitization: None specified. This risk is inherent to the primary purpose of the skill and is mitigated by the workflow's emphasis on review.
Audit Metadata