harness-review

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute git diff and a local script (scripts/review-ai-residuals.sh) to collect data for analysis. This is consistent with its stated purpose of performing code reviews and scanning for artifacts like 'AI residuals' or hardcoded secrets.
  • [PROMPT_INJECTION]: The skill represents an indirect prompt injection surface as it ingests and processes untrusted data from external sources.
      • Ingestion points: Reads code changes via git diff and project tasks via Plans.md.
      • Boundary markers: The instructions define a structured JSON output format for the agent, which helps in separating data from instructions, but no explicit 'ignore embedded instructions' markers are used for the input data.
      • Capability inventory: The skill has access to shell execution (Bash), task management (Task), and file system tools (Read, Grep, Glob, Edit).
      • Sanitization: There is no evidence of sanitization or escaping of the content being reviewed before it is processed by the AI model.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 28, 2026, 12:13 PM