tenzir-commit-changes
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill directs the agent to interact with the Git CLI using commands such as
git status,git diff, andgit commit. These operations are central to the skill's purpose of managing source control changes and do not involve unusual or high-risk parameters. - [INDIRECT_PROMPT_INJECTION]: As the skill involves reading file contents and diffs from the repository to generate summaries, it presents a surface for indirect prompt injection if malicious instructions are embedded in the code being committed. The instructions mitigate this by requiring verification against staged hunks.
- Ingestion points: Repository status and diff outputs (referenced in
SKILL.md). - Boundary markers: Not explicitly defined for the diff content in the instructions.
- Capability inventory: Local repository modification via
git commit(referenced inSKILL.mdandreferences/write-commit-messages.md). - Sanitization: The instructions guide the agent to verify the commit message against the exact staged snapshot to ensure fidelity.
Audit Metadata