commit
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes the Bash tool to perform routine Git operations (git status, git commit, git log) and execute local test suites (npm test, pytest, cargo test). These actions are core to the skill's stated purpose of managing code commits and ensuring quality.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill analyzes local file content and branch names to automatically suggest conventional commit types (e.g., feat, fix).
  - Ingestion points: Reads files and git logs within the spaces/[project]/ and ideas/ directories.
  - Boundary markers: None explicitly defined in the provided markdown.
  - Capability inventory: Uses Bash, Read, Grep, and Glob tools which allow for local system interaction.
  - Sanitization: No explicit sanitization of file content is described before the LLM processes it for commit message generation.
  - Assessment: While an ingestion surface exists, the risk is minimal as the output is limited to commit message metadata and does not influence high-privilege operations or exfiltrate data.
Audit Metadata