smart-commit
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the system's Git CLI to perform operations such as
git status,git diff,git add,git commit, andgit push. This allows the agent to modify the local repository and interact with remote servers configured as 'origin'. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it reads and analyzes file content (via
git diff) to summarize changes. A malicious file within the repository could contain instructions designed to trick the agent during the analysis phase. - Ingestion points: File content retrieved through
git diffandgit diff --stagedin the workflow (SKILL.md). - Boundary markers: The skill lacks explicit instructions or delimiters to prevent the agent from following commands embedded within the code changes being analyzed.
- Capability inventory: The skill can execute command-line Git operations, which involves subprocess execution and network activity (
git push). - Sanitization: There is no evidence of sanitization or escaping applied to the diff output before it is passed to the language model for analysis.
Audit Metadata