git-committer
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill adheres to the principle of least privilege by performing only standard Git operations necessary for its stated purpose.
- [SAFE]: It incorporates a mandatory human-in-the-loop confirmation step (Step 4 and Step 7) before executing any state-changing commands like `git commit`.
- [SAFE]: Security-conscious instructions are included to proactively scan for and avoid committing sensitive files such as `.env` files or hardcoded credentials (Step 3).
- [PROMPT_INJECTION]: The skill processes untrusted data from local repository history and diffs, representing an indirect prompt injection surface.
- Ingestion points: Git status, diff, and log outputs are processed in Steps 1, 2, and 3.
- Boundary markers: The skill uses clear markdown headers and distinct workflow steps to maintain instruction context.
- Capability inventory: The agent can execute `git add` and `git commit` commands via the shell.
- Sanitization: The skill relies on explicit user review of proposed commit messages and strategies before any commands are run, providing a manual safeguard against malicious content in diffs.
Audit Metadata