review-find-bugs
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill was evaluated for indirect prompt injection risks as it is designed to process external code diffs.
- Ingestion points: Untrusted data enters the agent context through the output of git diff commands executed in the local environment (SKILL.md).
- Boundary markers: The skill does not define specific delimiters or boundary instructions to isolate analyzed code from the agent's instructions.
- Capability inventory: The skill is restricted to read-only analysis and reporting; it does not include instructions for code execution, system changes, or network operations beyond repository metadata retrieval.
- Sanitization: No explicit sanitization or filtering of the ingested code diffs is performed.
- [COMMAND_EXECUTION]: The skill utilizes the git and gh command-line tools. The usage is limited to retrieving branch names and code diffs, which are standard operations for a code review tool and do not present a security risk.
Audit Metadata