commit-msg
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [Security Control Bypass] (HIGH): The skill explicitly instructs the AI agent to use the
--no-verifyflag when making 'milestone' commits. Pre-commit hooks are a standard security layer used to detect secrets, run linters, and perform vulnerability scans. Automating their bypass significantly increases the risk of sensitive data exposure or malicious code entry. - [Indirect Prompt Injection] (HIGH): The skill has a significant attack surface for indirect injection.
- Ingestion points: It reads content from
{ROOT_PROJ}/docs/git-msg-tag.mdand parses the current git branch name. - Boundary markers: There are no markers or sanitization logic to distinguish between data and instructions in these external sources.
- Capability inventory: The agent performs git commits, which can include sensitive file additions or modifications to the repository history.
- Sanitization: None. An attacker could name a branch or modify the tags file to include instructions that override the agent's behavior during the commit process.
- [Command Execution] (MEDIUM): While git operations are standard, the combination of automated execution and the explicit instruction to bypass verification steps creates a medium risk for repository integrity.
Recommendations
- AI detected serious security threats
Audit Metadata