vicious-review
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes shell commands including 'git branch', 'git diff', 'git push', and 'gh pr' to manage the development workflow and automate repository tasks.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) as it reads and acts upon untrusted code from the local repository.
  1. Ingestion points: 'git diff' output and direct file content reads in SKILL.md (Passo 2 and 3).
  2. Boundary markers: Absent; there are no delimiters or instructions to ignore embedded prompts in the analyzed code.
  3. Capability inventory: Employs the 'Edit' tool for file modifications and the 'git' and 'gh' CLI tools for version control and PR creation.
  4. Sanitization: None; the skill does not filter or sanitize code content before processing it for review.