code-reviewer
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the GitHub CLI (gh) and Git to retrieve repository state, diffs, and pull request metadata. It also executes a bundled Python script (detect-god-files.py) to triage files based on size and complexity metrics.
- [COMMAND_EXECUTION]: The instructions direct the agent to infer and run project-specific validation commands (e.g., npm test, pytest, make) found in the repository configuration. The skill includes explicit instructions for the agent to warn the user or ask for confirmation before running potentially destructive or heavy commands.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes untrusted data from GitHub pull requests and local source files.
  - Ingestion points: External data enters the context via gh pr view, gh pr diff, and reading local file contents (SKILL.md).
  - Boundary markers: The skill does not utilize explicit delimiters or 'ignore' instructions when interpolating external content into the prompt.
  - Capability inventory: The skill can execute shell commands via subprocess.run (in scripts/detect-god-files.py), Git/GitHub CLI operations, and arbitrary project-specific validation scripts (SKILL.md).
  - Sanitization: No automated sanitization of ingested code or PR descriptions is performed; however, the agent is specifically instructed to adopt a 'bug-finding stance' and watch for instructions that could cause unsafe actions.