commit-staged
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: No security issues were detected in the skill instructions. The skill provides standard documentation for git operations and does not contain any malicious instructions or dangerous command execution.
- [NO_CODE]: The skill consists entirely of markdown instructions and metadata for the AI agent; it does not include any Python scripts, Node.js code, or external dependencies.
- [INDIRECT_PROMPT_INJECTION]: The skill processes data from the user's staged git changes, which presents a potential surface for indirect prompt injection if those changes contain adversarial instructions meant to influence the agent's behavior. 1. Ingestion points: Staged git changes (SKILL.md). 2. Boundary markers: None. 3. Capability inventory: Git commit operations. 4. Sanitization: None.
Audit Metadata