test-guide-from-code
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands such as
git diff,gh pr diff, andglab mr diffusing arguments derived from user-provided inputs like branch names, hashes, and IDs. This presents a potential surface for command injection if inputs are not strictly validated by the environment.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it analyzes raw code diffs from external or untrusted sources. Malicious instructions hidden in code comments within the diff could potentially influence or override agent behavior during the analysis or generation phase.\n - Ingestion points: Raw code diffs obtained via git commands or fetched from external URLs referenced in SKILL.md Step 1.\n
- Boundary markers: None identified; diff content is processed directly without sanitization or delimiters.\n
- Capability inventory: Execution of bash commands (git, gh, glab) and local file writing (Edit/Write).\n
- Sanitization: No input sanitization or validation of the diff content is performed prior to analysis.
Audit Metadata