commit
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell commands during invocation via
invocation_hooksto verify repository status and uses standard CLI tools (git,npm,poetry) for staging, validation, and committing changes.\n- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by parsing agent activity logs from.claude/agents/activity/{branch}.jsonland incorporating the contents into commit messages. Evidence: 1. Ingestion points: activity log files in.claude/agents/activity/. 2. Boundary markers: Absent for the log data. 3. Capability inventory: Command execution and file-write capabilities. 4. Sanitization: No explicit sanitization or filtering of the log data is performed before interpolation.
Audit Metadata