double-check
Pass
Audited by Gen Agent Trust Hub on Jun 28, 2026
Risk Level: SAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands to detect (command -v) and execute local AI CLI agents such as codex, claude, gemini, and cursor-agent. The skill explicitly warns about the risks of agents that lack native read-only sandboxing (specifically cursor-agent) and recommends user consent before use.
- [EXTERNAL_DOWNLOADS]: The skill's primary function involves sending code snippets and plans to external AI providers for review. It includes explicit 'Guardrails' and 'Anti-patterns' sections instructing the user and the agent to redact credentials, secret-bearing paths, and sensitive environmental data before transmission.
- [PROMPT_INJECTION]: Static analysis flagged an instruction-override pattern in resources/brief-template.md. Analysis confirms this is a defensive security measure: the skill instructs the verifier agent to explicitly look for and report hidden instructions in the code it reviews (indirect prompt injection defense), rather than a malicious attempt to override the host's behavior.
- [SAFE]: The skill implements strong boundary markers by feeding review briefs via stdin rather than shell arguments, preventing brief content from leaking into process listings or shell history.
Audit Metadata