AgentSkillsCN

smart-commit

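Automates intelligent Git commits by analyzing unstaged/staged changes, grouping files by logical development concern, and committing them in sequence with descriptive Conventional Commit messages. Includes a built-in pre-commit security audit that guards against credential leaks and large binary commits. Use this skill when the user says "commit", "smart commit", "save changes", "push", "git commit", or similar.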

SKILL.md
--- frontmatter
name: smart-commit
description: >
  Automates intelligent Git commits by analyzing unstaged/staged changes, grouping
  files by logical development concern, and committing sequentially with descriptive
  Conventional Commit messages. Includes pre-commit security audit protecting against
  credential leaks and large binary commits. Use when the user says "commit",
  "smart commit", "save changes", "push", "git commit", or similar.
compatibility: Requires git. Works with any agent that can run shell commands.
metadata:
  author: TheWatcher01
  version: "3.0.0"

Smart Commit

Automated, security-aware Git commit workflow. Analyzes changes, groups files logically, and commits with clean Conventional Commit messages.

Activation Triggers

Activate automatically (no confirmation needed) when the user says:

  • "commit", "smart commit", "commiter", "drill baby drill"
  • "save changes", "push", "send to GitHub"
  • "git commit", "commit all", "commit everything"

Workflow

Phase 1 — Security Audit

MANDATORY before any commit. Abort on critical findings.

```bash
# 1. Detect secrets and credentials (CRITICAL — block on match)
#    -z / -0 keep paths with spaces intact, --diff-filter=d skips deleted files,
#    and xargs -r does not run grep at all when nothing is staged.
#    Note: grep reads the working-tree copy of each staged path.
git diff --cached --name-only -z --diff-filter=d | xargs -0 -r grep -lE \
  '(PRIVATE KEY|password[[:space:]]*=|api_key[[:space:]]*=|secret[[:space:]]*=|token[[:space:]]*=|AWS_SECRET|sk-[a-zA-Z0-9]{20,})' \
  2>/dev/null

# 2. Check for sensitive file extensions
git status --porcelain | grep -iE '\.(env|pem|key|p12|pfx|jks|keystore|secret|credentials|htpasswd)$'

# 3. Detect large files (>10MB)
find . -not -path './.git/*' -not -path './node_modules/*' \
  -not -path './.venv/*' -not -path './vendor/*' \
  -size +10M -type f 2>/dev/null

# 4. Verify .gitignore covers essentials
# See references/security-checklist.md for full patterns
```
| Finding | Action |
|---|---|
| Secrets/credentials detected | BLOCK — alert user, never commit |
| .env, .pem, .key files staged | BLOCK — alert user, suggest .gitignore |
| Large binaries (>50MB) | WARN — suggest .gitignore or Git LFS |
| Large files (10-50MB) | WARN — ask user for confirmation |
| Missing .gitignore patterns | FIX — add essential patterns, include in first commit |

NEVER auto-delete user files. Only warn and suggest actions. File deletion is the user's decision.
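
An added example (not part of the original skill) that runs the Phase 1 checks against the index rather than the working tree, so a secret that was staged is still caught after the file on disk has been edited. The function names `has_secret`, `classify_size` and `audit_staged` are hypothetical; the patterns and size thresholds are the ones given above.

```bash
# Added example, not the skill's own code: audit the staged blobs themselves.
# SECRET_RE and EXT_RE copy the page's patterns (\s written as POSIX [[:space:]]).
SECRET_RE='(PRIVATE KEY|password[[:space:]]*=|api_key[[:space:]]*=|secret[[:space:]]*=|token[[:space:]]*=|AWS_SECRET|sk-[a-zA-Z0-9]{20,})'
EXT_RE='\.(env|pem|key|p12|pfx|jks|keystore|secret|credentials|htpasswd)$'

# has_secret: succeeds when stdin contains a line matching SECRET_RE.
has_secret() { grep -qE "$SECRET_RE"; }

# classify_size BYTES: verdict from the Phase 1 table (10MB / 50MB thresholds).
classify_size() {
  if   [ "$1" -gt 52428800 ]; then echo "WARN large binary (>50MB)"
  elif [ "$1" -gt 10485760 ]; then echo "WARN large file (10-50MB)"
  else echo "OK"
  fi
}

# audit_staged: one finding per line; returns 1 if anything must be blocked.
# Assumption: staged paths contain no newline characters.
audit_staged() {
  blocked=0
  staged=$(git -c core.quotepath=off diff --cached --name-only --diff-filter=ACMR)
  [ -n "$staged" ] || { echo "OK nothing staged"; return 0; }
  while IFS= read -r path; do
    if printf '%s\n' "$path" | grep -qiE "$EXT_RE"; then
      echo "BLOCK sensitive file: $path"; blocked=1
    fi
    # ":path" names the index entry, i.e. the bytes that would be committed.
    if git show ":$path" 2>/dev/null | has_secret; then
      echo "BLOCK secret pattern: $path"; blocked=1
    fi
    size=$(git cat-file -s ":$path" 2>/dev/null || echo 0)
    verdict=$(classify_size "$size")
    [ "$verdict" = "OK" ] || echo "$verdict: $path"
  done <<EOF
$staged
EOF
  return "$blocked"
}
```

Call `audit_staged` before Phase 4 (or from a pre-commit hook) and stop when it returns non-zero.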

Phase 2 — Analyze Changes

```bash
git status --porcelain
```

Classify each file by its git status:

  • ?? → new (untracked)
  • M → modified
  • A → added (staged)
  • D → deleted
  • R → renamed

Phase 3 — Group by Concern

Group files into logical commits using adaptive detection. The agent MUST inspect the actual project structure — do not assume any framework.

Grouping strategy (priority order):

  1. Configuration — Package manifests, lockfiles, config files, CI/CD, .gitignore
  2. Types/Schemas — Type definitions, interfaces, schemas, models
  3. Libraries/Utils — Shared code, helpers, utilities
  4. Core Logic — Components, services, controllers, routes, pages
  5. Styles — CSS, SCSS, Tailwind, theme files
  6. Tests — Test files, test configs, fixtures
  7. Documentation — Markdown, docs, changelogs
  8. Assets — Images, fonts, static files
  9. Infrastructure — Docker, Terraform, deployment configs

Adaptive rules:

  • Inspect the actual directory tree to determine project type
  • Group related files together (e.g., component + its test + its styles)
  • If a feature touches <5 files across categories, consider a single feature commit
  • For detailed patterns per framework, see references/grouping-patterns.md

Phase 4 — Commit Sequentially

Commit in dependency order (config → types → libs → core → rest).

```bash
git add <files>
git commit -m "<type>(<scope>): <description>"
```

Message format: Conventional Commits

| Type | When |
|---|---|
| feat | New feature or functionality |
| fix | Bug fix |
| docs | Documentation only |
| style | Formatting, whitespace (no logic change) |
| refactor | Code restructuring (no behavior change) |
| test | Adding or updating tests |
| chore | Build, config, dependencies, tooling |
| perf | Performance improvement |
| ci | CI/CD configuration |

Message rules:

  • Imperative mood: "add", "fix", "update" (not "added", "fixes")
  • Scope is optional but recommended: "feat(auth): add login endpoint"
  • Max 72 characters for subject line
  • Be specific: "feat(ui): add accordion and badge components", not "feat: add stuff"
  • Language: match the project's language convention (default: English)

Phase 5 — Report & Push

After all commits:

```
✅ Smart Commit complete!

📦 N commits created:

1. chore: update dependencies
   → package.json, pnpm-lock.yaml

2. feat(ui): add button and dialog components
   → src/components/ui/button.tsx
   → src/components/ui/dialog.tsx

🔒 Security: No issues detected
🚀 Push to remote? (Y/n)
```

If the user confirms, push to the currently tracked branch.

Security Guidelines

See references/security-checklist.md for the full checklist.

Hard blocks (NEVER commit):

  • Private keys, API keys, tokens, passwords in code
  • .env files with real credentials
  • Database dumps (.sql with data)
  • Certificate files (.pem, .p12, .pfx)

Minimum .gitignore patterns:

```gitignore
# Secrets
.env
.env.*
*.pem
*.key
*.p12

# Dependencies
node_modules/
.venv/
vendor/
__pycache__/

# Build outputs
dist/
build/
*.pyc

# OS files
.DS_Store
Thumbs.db

# Large media (adjust per project)
*.mp4
*.mov
*.zip
*.tar.gz
```

Edge Cases

| Situation | Action |
|---|---|
| No changes to commit | Report: "Working directory clean" |
| Already staged files | Include in analysis, respect existing staging |
| Merge conflicts | Alert user, abort until resolved |
| Branch behind remote | Warn, suggest git pull first |
| Detached HEAD | Warn user, suggest creating a branch |
| Empty repository | Handle git commit with --allow-empty for initial commit if needed |
| Submodules changed | Group as separate infrastructure commit |

Customization

The skill adapts automatically to any project. For project-specific behavior:

  • Doc tracking: If the project has CHANGELOG.md, suggest updating it
  • Monorepo: Group by package/workspace, prefix scope with package name
  • Pre-commit hooks: Respect existing .pre-commit-config.yaml or husky setup
  • Branch naming: Follow existing branch conventions for any new branches

Anti-Patterns

| Don't | Do Instead |
|---|---|
| feat: add everything | Split into logical atomic commits |
| update files | Describe WHAT changed specifically |
| Mix config + features | Separate concerns into distinct commits |
| Auto-delete user files | Warn and suggest, let user decide |
| Commit secrets "temporarily" | NEVER — secrets in git history persist forever |
| Skip security audit | ALWAYS run Phase 1, even for "quick" commits |

References

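| File | Contents |
|---|---|
| references/security-checklist.md | Full pre-commit security audit checklist |
| references/grouping-patterns.md | Framework-specific grouping patterns |
| references/conventional-commits.md | Conventional Commits quick reference |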
references/conventional-commits.mdConventional Commits quick reference