Skills
skills/andrewvaughan/agent-council/review-code/Gen Agent Trust Hub

review-code

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes local git commands and project-specific development tools to analyze and modify the codebase.
  • Executes git diff, git status, and git commit to identify and manage code changes (SKILL.md, Steps 1 and 8).
  • Runs project-defined formatting and linting commands such as format:check and lint (SKILL.md, Step 2).
  • Applies fixes by writing generated code directly to the local filesystem and staging the changes (SKILL.md, Step 7).
  • [PROMPT_INJECTION]: The skill exposes a surface area for indirect prompt injection as it processes untrusted content from the codebase.
  • Ingestion points: The workflow reads arbitrary code content and diffs from the repository using git diff (SKILL.md, Step 1).
  • Boundary markers: The instructions lack explicit delimiters or "ignore embedded instructions" warnings for the code content being analyzed.
  • Capability inventory: The agent has the capability to write to the filesystem (applying fixes) and commit changes to the repository (SKILL.md, Steps 7 and 8).
  • Sanitization: There is no evidence of sanitization or filtering for instructions that might be embedded in code comments or string literals within the reviewed files.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 20, 2026, 09:14 PM