Skills
skills/camacho/ai-skills/review/Gen Agent Trust Hub

review

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill processes plan files and code diffs as part of its core review function, which creates a surface for indirect prompt injection.
  • Ingestion points: The agent reads plan files in ai-workspace/plans/ and code changes identified via git diff.
  • Boundary markers: There are no specific instructions to delimit this untrusted content or warn the agent about embedded instructions.
  • Capability inventory: The skill can perform git commit, create GitHub issues via gh issue create, and write to local files such as .branch-context.md.
  • Sanitization: No sanitization or content validation is performed on the ingested data before it is processed by the agent.
  • [COMMAND_EXECUTION]: The skill utilizes shell commands to interact with the repository and project environment.
  • Evidence: It invokes git diff for mode detection and git commit to automate the application of review fixes.
  • [DATA_EXFILTRATION]: The skill interacts with GitHub to record review summaries.
  • Evidence: Findings are recorded using gh issue create. As GitHub is a well-known service and the data transmitted consists of development-related review summaries, this is considered safe and standard functionality.
Audit Metadata
Risk Level
SAFE
Analyzed
May 6, 2026, 11:38 AM