review-firmware
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted firmware code which presents an indirect prompt injection surface.
- Ingestion points: External code is ingested into the agent context via the
Readtool andgit diffcommand results as instructed inSKILL.md. - Boundary markers: The instructions lack delimiters (such as XML tags or specific markdown blocks) or warnings to the agent to ignore embedded instructions within the firmware comments or code.
- Capability inventory: The skill utilizes
Bash(git:*),Read,Grep, andGlobtools to inspect the file system and version history. - Sanitization: No sanitization, escaping, or validation logic is present to handle potentially malicious instructions embedded in the analyzed data.
Audit Metadata