formatting-commit-messages

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The skill executes standard git commands such as git diff, git status, and git commit to perform its primary function. These operations are local and triggered by user intent.
  • [PROMPT_INJECTION] (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) because it processes untrusted data from the user's codebase.
      * Ingestion points: Untrusted data enters the agent context via the output of git diff --cached in Step 1.
      * Boundary markers: Absent; the instructions do not provide delimiters or specific warnings to ignore instructions embedded within the code diffs during analysis.
      * Capability inventory: The skill has the capability to execute shell commands via git commit as defined in Step 6.
      * Sanitization: Absent; the skill does not perform validation or sanitization on the diff content before analysis.
      * Mitigation: The risk is significantly reduced by the mandatory human-in-the-loop approval step before any commit is finalized.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:40 PM