interrogate
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes
git diffto identify changes within the repository. This is a standard and expected operation for a tool focused on code review. - [SAFE]: Subagents are configured as
readonly: true, which effectively sandboxes their execution and prevents them from modifying the local environment or repository during the review process. - [PROMPT_INJECTION]: The skill processes untrusted code content through the
{DIFF_OR_FILES}variable inreferences/reviewer-prompt.md. This creates a surface for indirect prompt injection, but the risk is managed by the skill's multi-model consensus and lead-reviewer synthesis logic. Ingestion points:{DIFF_OR_FILES}in the prompt template. Boundary markers: Markdown headers are used. Capability inventory: Read-only repository access and subagent creation. Sanitization: None.
Audit Metadata