git-commit-validator

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill uses imperative language to override agent behavior, explicitly stating that it 'MUST be used' for all git workflows and instructing the agent to 'Do NOT run git commit without this skill'.
  • [PROMPT_INJECTION]: Implements constraints to suppress AI identification, forbidding the agent from including 'AI attribution', 'AI co-authors', or 'branding phrases' in its output.
  • [PROMPT_INJECTION]: Exposed to indirect prompt injection via untrusted data ingestion. The skill reads repository content through 'git diff' and 'git status' (as seen in Steps 1 and 3) to generate commit messages without using boundary markers or 'ignore' instructions for embedded content. This allows an attacker to influence commit message generation or agent behavior by placing malicious instructions in code comments or files.
  • [COMMAND_EXECUTION]: Employs powerful git commands like 'git add -A' and 'git commit' via Bash. While these tools are explicitly allowed in the skill's manifest, their execution is driven by instructions derived from analyzing potentially untrusted diff content, creating a risk of unintended repository modifications.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 28, 2026, 09:09 PM