embark-review
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted content from 'git diff' and local code files. While this is necessary for its purpose as a code review tool, an attacker could potentially embed malicious instructions within code comments or diffs to influence the agent's review summary.
- Ingestion points: Git diff output and local source code files via 'embark search'.
- Boundary markers: None specified in the instructions.
- Capability inventory: Execution of 'git' and 'embark' commands.
- Sanitization: Not explicitly handled in the skill instructions.
Audit Metadata