commit-organizer

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute git commands such as 'git status', 'git diff', 'git add', and 'git commit' to manage the repository state.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it analyzes untrusted file content via git diffs, which could contain malicious instructions designed to manipulate the agent's behavior during the commit organization process.
    • Ingestion points: The agent reads untrusted data from the local repository through 'git status' and 'git diff' commands.
    • Boundary markers: There are no explicit delimiters or instructions provided to the agent to treat the diff content purely as data or to ignore instructions embedded within the code changes.
    • Capability inventory: The agent has access to the 'Bash' tool, which allows it to execute arbitrary commands on the local system.
    • Sanitization: The skill lacks explicit sanitization or filtering of the content retrieved from the git diffs.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 27, 2026, 07:29 PM