Skills
skills/tktrev/coding-agents-skills/commit/Gen Agent Trust Hub

commit

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requests broad access to the git command-line tool via Bash(git *). This allows the execution of any git subcommand, which can be used to alter repository state or configuration.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it analyzes external data (file content and git diffs) to generate commit messages. An attacker could embed instructions in the code that mislead the agent during this process.
  • Ingestion points: git diff, git status, and git diff --cached outputs are used to inform the agent's summary and message generation.
  • Boundary markers: The skill does not define specific delimiters or instructions to ignore potential commands within the staged changes.
  • Capability inventory: The agent has access to Bash(git *) and Read tools.
  • Sanitization: There is no evidence of sanitization or filtering applied to the file content before processing.
  • [DATA_EXFILTRATION]: The workflow includes git push as a core functionality. While the skill claims to check for sensitive files before staging, the use of git add -A followed by a push operation creates a risk of exposing credentials or private data to remote repositories if the automated check fails or is ignored.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 8, 2026, 10:33 AM