conventional-commit
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE (categories assessed: PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- PROMPT_INJECTION (LOW): The skill possesses an indirect prompt injection surface, as it ingests untrusted data from the local environment to generate commit messages.
  - Ingestion points: The skill reads local file changes via git diff HEAD and git status.
  - Boundary markers: Absent. The instructions do not define delimiters for diff content or provide guidance to ignore embedded instructions within the ingested code.
  - Capability inventory: The skill can stage files using git add -A and execute commits with git commit.
  - Sanitization: Absent. Content from the diff is processed by the model without escaping or filtering.
- COMMAND_EXECUTION (SAFE): The skill performs local git operations, which are necessary for its intended purpose.
  - Evidence: Use of git status, git diff, git add, and git commit. The generated commit command uses a quoted heredoc (cat <<'EOF'), which safely handles multi-line input and prevents unintended shell expansion of the generated message content.
Audit Metadata