Skills
skills/martinffx/atelier/code-review/Gen Agent Trust Hub

code-review

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: References a remote installation script for the gfreview CLI tool hosted on the author's GitHub repository.
  • [REMOTE_CODE_EXECUTION]: Provides instructions to install a required dependency using a piped shell script (curl | bash). This is presented to the user as a manual installation step if the tool is missing and is a resource owned by the skill author.
  • [COMMAND_EXECUTION]: Executes shell commands for git, gh, and gfreview to retrieve code diffs, manage branches, and post review comments.
  • [DATA_EXFILTRATION]: Transmits code snippets and diffs to external AI models (including minimax-m2.5, kimi-k2.5, and glm-5) to perform various analysis phases (Triage, Architect, Challenge).
  • [PROMPT_INJECTION]: The skill processes untrusted code diffs through multiple LLM subagents, creating a surface for indirect prompt injection.
  • Ingestion points: Data is ingested via git diff and gfreview diff commands in references/rq.md.
  • Boundary markers: Uses markdown code blocks to wrap untrusted content in prompts found in references/reviewers.md.
  • Capability inventory: The skill has the capability to write to the filesystem (applying fixes) and interact with external repository APIs via gfreview (as described in references/rs.md).
  • Sanitization: No specific content filtering or instructions to ignore embedded commands are present in the provided prompts.
Audit Metadata
Risk Level
SAFE
Analyzed
May 9, 2026, 03:29 PM