parallel-review

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [SAFE]: The skill operates as a workflow orchestrator for legitimate development tasks. It uses well-known services and internal subagents to perform code analysis without exhibiting malicious patterns like credential theft or persistence.
  • [COMMAND_EXECUTION]: The skill executes git commands to determine the scope of changes and runs specialized tools to fix TypeScript errors or apply code suggestions.
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks (Category 8) because it processes untrusted source code and passes it to LLM subagents for review.
    • Ingestion points: Reads local files and git diff output (SKILL.md Step 1).
    • Boundary markers: Code content is interpolated into subagent prompts without explicit delimiters (like XML tags) or instructions to disregard embedded commands.
    • Capability inventory: The skill can write code to the local filesystem and execute code review subagents.
    • Sanitization: No validation or sanitization is performed on the code changes before analysis.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 13, 2026, 10:26 AM