commit-changes
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute standard Git commands including
git status,git diff, andgit commit. These operations are fundamental to the skill's purpose of managing version control and do not involve administrative privileges or unsafe command construction.- [DATA_INGESTION]: The skill processes untrusted data from the repository's working tree and staged changes to generate commit messages. This represents a potential surface for indirect prompt injection if malicious code is processed. - Ingestion points: SKILL.md (Workflow steps 1 and 4) and references/write-commit-messages.md.
- Boundary markers: None defined.
- Capability inventory: git commit, git commit --fixup.
- Sanitization: No explicit sanitization of diff content is specified. Given the context of developer tooling, this is a standard operational risk managed by the AI's internal safety filters.
Audit Metadata