git-commit
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute several shell commands, including
git add,git commit, andgit tag. These are used as intended for repository management. - [COMMAND_EXECUTION]: The skill executes a local script
scripts/calver.pyusingpython3. This script is part of the skill package and is used to determine the next version number. - [SAFE]: No external network requests, data exfiltration patterns, or unauthorized file access attempts were detected. The skill operates entirely within the local git repository context.
- [SAFE]: The Python script
scripts/calver.pyincludes robust input validation. It uses a strict regular expression^(\d{1,2})\.(\d{1,2})\.(\d+)$and integer casting (int()) to process existing git tags, preventing potential command injection via malicious tag names.
Audit Metadata