skills/mattpocock/skills/code-review/Gen Agent Trust Hub

code-review

Pass

Audited by Gen Agent Trust Hub on Jul 1, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill creates an indirect prompt injection surface by processing untrusted data from the repository and incorporating it into instructions for autonomous sub-agents.
  • Ingestion points: The skill reads input from git diff, git log (including commit messages), and external specification documents (Issues and PRDs).
  • Boundary markers: The prompt templates for the sub-agents do not include delimiters or instructions to disregard embedded commands within the analyzed content.
  • Capability inventory: The skill uses the Agent tool to execute general-purpose analysis on the ingested data.
  • Sanitization: No validation or sanitization is performed on the text extracted from the git history or external specifications before it is used to construct sub-agent prompts.
  • [COMMAND_EXECUTION]: The skill relies on local shell commands to retrieve repository data and verify references.
  • Evidence: It executes git diff, git log, and git rev-parse using parameters derived from user input.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 1, 2026, 11:07 AM
Security Audit — agent-trust-hub — code-review