commit
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE (findings: PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection.
  1. Ingestion points: The skill reads local source code changes via `git diff HEAD` and `git status`.
  2. Boundary markers: No explicit delimiters or instructions are used to tell the agent to ignore instructions embedded within the diff.
  3. Capability inventory: The skill has the ability to stage all changes (`git add -A`) and create commits.
  4. Sanitization: No sanitization is performed on the ingested diff content before processing.
- COMMAND_EXECUTION (SAFE): The skill executes local git commands required for its primary purpose. It employs a shell HEREDOC (`cat <<'EOF'`) for the commit message construction, which is a recommended security practice to prevent the message content from being interpreted as shell code or subcommands.
Audit Metadata