commit
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local git commands including
git status,git diff,git add, andgit commit. These operations are essential for its stated purpose of managing version control changes. - [COMMAND_EXECUTION]: All commit operations are gated by a user-in-the-loop confirmation process using the
AskUserQuestiontool, ensuring the user reviews and approves the split-commit plan before execution. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it processes untrusted file content through
git diffoutput. - Ingestion points: File changes are read into the agent context in the '変更内容の分析' step in
SKILL.md. - Boundary markers: The skill does not explicitly use markers to delimit diff data from instructions.
- Capability inventory: The skill can execute file staging and commit commands via the shell.
- Sanitization: While it lacks content sanitization, it uses shell-safe heredocs (
cat <<'EOF') to prevent command injection from generated commit messages.
Audit Metadata