review-ai-writing

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFE (flagged categories: COMMAND_EXECUTION, PROMPT_INJECTION)

Full Analysis
  • [COMMAND_EXECUTION]: The skill uses standard shell commands such as git diff, find, git log, and mkdir, along with the GitHub CLI (gh pr view), to discover files and retrieve commit/PR metadata. These actions are standard for developer tools and are limited to the local repository environment.
  • [PROMPT_INJECTION]: The skill has an inherent surface for Indirect Prompt Injection (Category 8) because it analyzes untrusted text from the codebase and PR metadata.
      • Ingestion points: Processes text from various source files (Markdown, Python, TypeScript, etc.), commit messages, and PR descriptions.
      • Boundary markers: Absent. The instructions do not specify the use of delimiters or 'ignore' commands when passing ingested content to subagents for analysis.
      • Capability inventory: Spawns subagents via the Task tool and writes results to a local JSON report at .beagle/ai-writing-review.json.
      • Sanitization: No sanitization or escaping is applied to the ingested content before processing.

Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 4, 2026, 04:40 PM