review-diff
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected in the skill instructions or metadata.
- [PROMPT_INJECTION]: The skill instructions do not contain any attempts to bypass safety filters, override system behavior, or extract sensitive internal prompts.
- [DATA_EXFILTRATION]: No network operations (curl, wget, etc.) or sensitive file path access (e.g., credentials, ssh keys) were identified. The skill's scope is strictly limited to the provided git diff input.
- [REMOTE_CODE_EXECUTION]: There are no patterns involving the download or execution of remote scripts or unverified third-party code.
- [COMMAND_EXECUTION]: The skill does not invoke any shell commands or subprocesses that could lead to unauthorized system access.
- [INDIRECT_PROMPT_INJECTION]: While the skill ingests external data (git diffs) as its primary input, it lacks exploitable capabilities such as network access or file writing. The risk of an indirect prompt injection affecting the local system is negligible as the skill only outputs structured text findings.
Audit Metadata