staged-code-review

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes Git commands and workspace-specific validation tools (linters, test runners, and CI-equivalent checks) to verify changes. This is a functional requirement of the skill but involves executing code/scripts defined within the target repository.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from staged Git diffs and repository files as a core function.
  • Ingestion points: Git staged diffs (git diff --cached) and surrounding repository files.
  • Boundary markers: None explicitly specified in instructions to separate data from instructions.
  • Capability inventory: File system write access (fixing issues) and shell command execution (Git and workspace validation tools).
  • Sanitization: The instructions do not specify sanitization or escaping of the content read from the repository before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 09:03 PM
Security Audit — agent-trust-hub — staged-code-review