code-review-graph

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructions specify running the code-review-graph MCP server using uvx. This involves downloading and executing the package from PyPI, which is a standard and official package registry. This is consistent with the skill's primary purpose.
  • [COMMAND_EXECUTION]: BENIGN shell commands are documented for server lifecycle management, including uvx code-review-graph serve to start the server and code-review-graph update for incremental indexing.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it analyzes untrusted source code from local repositories.
  • Ingestion points: Source code files are ingested by tools like build_graph_tool and detect_changes_tool.
  • Boundary markers: The skill does not define specific delimiters or instructions for the agent to ignore embedded commands within the analyzed code.
  • Capability inventory: The skill provides a robust set of 29 tools for traversing AST graphs, evaluating dependencies, and generating risk metrics.
  • Sanitization: No explicit sanitization or filtering of code comments or strings is described in the logic.
Audit Metadata
Risk Level
SAFE
Analyzed
May 10, 2026, 05:43 AM
Security Audit — agent-trust-hub — code-review-graph