commit-work

The skill 'Commit Work' is designed to guide users through a best-practice git commit workflow. It consists of a README.md for general information, a SKILL.md containing the AI's instructions and workflow, and a references/commit-message-template.md for commit message formatting.

Upon thorough analysis, no malicious patterns were detected across any of the provided files.

• Prompt Injection: The instructions are clear, direct, and do not contain any patterns indicative of prompt injection attempts (e.g., 'ignore previous instructions,' 'override safety guidelines,' 'developer mode').
• Data Exfiltration: The skill exclusively uses standard git commands (git status, git diff, git add -p, git restore, git commit). These commands operate locally and do not involve any network requests to external, untrusted domains or access to sensitive files (like ~/.aws/credentials or ~/.ssh/id_rsa) for exfiltration purposes. The skill's 'Safety Checks' section advises against including secrets, but this is a user recommendation, not an action taken by the skill to find and exfiltrate them.
• Obfuscation: No forms of obfuscation (Base64, zero-width characters, homoglyphs, URL/hex/HTML encoding) were found in any of the files.
• Unverifiable Dependencies: The skill relies on the git command-line tool, which is a standard system utility and not an external package installed by the skill. There are no npm install, pip install, or similar commands. A reference to https://www.conventionalcommits.org/ is a link to a specification, not a dependency download.
• Privilege Escalation: No commands like sudo, chmod +x, chmod 777, or attempts to install services were found.
• Persistence Mechanisms: There are no instructions or commands to modify shell configuration files (.bashrc, .zshrc), create cron jobs, or establish other persistence mechanisms.
• Metadata Poisoning: The name and description fields in SKILL.md are benign and accurately reflect the skill's purpose.
• Indirect Prompt Injection: While any skill that processes user input (like commit messages) has an inherent, general risk of indirect prompt injection, this skill's instructions guide the user in creating structured input, rather than executing arbitrary user-provided text as commands. The skill itself does not introduce specific vulnerabilities in this area.
• Time-Delayed / Conditional Attacks: No conditional logic based on dates, times, usage counts, or environment variables that could trigger malicious behavior were found.

The skill's design is purely instructional and relies on the user executing standard git commands. It does not contain any executable scripts or external code downloads.