commit-changes
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill's behavior is consistent with its primary purpose of managing development workflows.
- [COMMAND_EXECUTION]: The skill workflow involves executing local development tools such as linters, formatters, and git commands. Evidence: SKILL.md mentions 'Run the project's relevant linters, type checkers, and formatters' and 'Stage the relevant files... Perform the commit'. These operations are expected for a git management skill.
- [PROMPT_INJECTION]: The skill processes untrusted data from git context (diffs and file changes) to generate commit messages, which is an indirect prompt injection surface. Evidence: SKILL.md (Gather git context, Create the commit message). Analysis: (1) Ingestion points: Git context in SKILL.md. (2) Boundary markers: Not specified. (3) Capability inventory: Subprocess calls for git and linters in SKILL.md. (4) Sanitization: Not specified. This surface is common in developer tools and is considered a low-risk, standard operational characteristic.
Audit Metadata