effect-review-v4

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill's workflow for analyzing external codebases introduces a surface for indirect prompt injection attacks.
      • Ingestion points: The skill reads files from the local filesystem and remote PRs using git diff, gh pr diff, and git ls-files (in SKILL.md), and passes this content to sub-agents for evaluation.
      • Boundary markers: The prompt template for sub-agents (the Shared: Agent Prompt section in SKILL.md) does not use delimiters to wrap the code content, nor does it include explicit instructions for the agents to ignore potential prompts or commands embedded in comments or strings within the code files.
      • Capability inventory: The skill uses the Agent tool for task delegation and shell-based developer tools (git, gh). If a sub-agent is successfully injected by code content, it could potentially misuse its assigned tools.
      • Sanitization: There is no evidence of content sanitization, filtering, or escaping before the code is provided to the sub-agents.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 16, 2026, 04:51 PM