Skills
skills/jeremylongshore/claude-code-plugins-plus-skills/apex-review/Gen Agent Trust Hub

apex-review

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute hardcoded git commands (git log --oneline -30 and git diff HEAD~10 --stat) to analyze the repository's history and recent changes. These commands are necessary for its functionality as a reviewer.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted repository content (source code and commit messages) and incorporates it into the agent's context. An attacker could embed malicious instructions in the code being reviewed to influence the agent's behavior.
  • Ingestion points: Repository content accessed through git log, git diff, and the Read tool as specified in the review steps.
  • Boundary markers: Absent; there are no instructions for the agent to use delimiters or ignore instructions found within the ingested data.
  • Capability inventory: The agent has access to Bash, WebFetch, Write, and Edit tools while processing the untrusted content.
  • Sanitization: Absent; the skill does not specify any sanitization or validation steps for the data read from the repository.
Audit Metadata
Risk Level
SAFE
Analyzed
May 7, 2026, 01:39 PM