git-commit-review
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes standard system commands including 'git status', 'git diff', 'git add', 'git commit', and 'git push' to manage the repository workflow. It also attempts to execute arbitrary scripts, such as linting or typechecking tools, if they are defined within the project's 'package.json' file.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from local code changes, which could contain malicious instructions designed to influence the agent's behavior during commit message generation.
- Ingestion points: Untrusted data enters the agent context through the outputs of 'git status', 'git diff', and 'git diff --cached' as specified in 'SKILL.md'.
- Boundary markers: Absent. The instructions do not specify the use of delimiters or 'ignore' directives to prevent the agent from obeying instructions embedded within the code diffs.
- Capability inventory: The agent has the capability to stage files, create commits, and push code to remote repositories.
- Sanitization: No sanitization or filtering of the git diff output is performed before it is analyzed by the LLM for commit message generation.
Audit Metadata