git-committer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION] (SAFE): No instructions were found that attempt to override the agent's system prompt, bypass safety guidelines, or extract internal instructions.
- [DATA_EXFILTRATION] (SAFE): There are no hardcoded credentials, access to sensitive file paths (e.g., SSH keys), or network requests to external domains.
- [REMOTE_CODE_EXECUTION] (SAFE): The skill does not download or execute remote scripts or packages. It relies entirely on local Git and Bash tools.
- [COMMAND_EXECUTION] (SAFE): The Bash commands used (
git status,git diff,git add,git commit) are standard for version control and do not involve privilege escalation or suspicious shell operations. - [INDIRECT_PROMPT_INJECTION] (LOW): (Category 8) The skill ingests untrusted data in the form of repository filenames through
git statusandgit diff. While this represents a theoretical attack surface, it is inherent to the skill's purpose and the risk is considered low. Evidence Chain: 1. Ingestion points: Local filenames read bygit status --shortandgit diff --name-only(SKILL.md). 2. Boundary markers: None present. 3. Capability inventory: Subprocess calls for Git operations. 4. Sanitization: None detected.
Audit Metadata