code-review

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes shell commands git diff and git diff --stat to obtain the set of changes to be reviewed for the subagent.
  • [PROMPT_INJECTION]: Ingests potentially untrusted external content from tickets and code changes into a subagent prompt, which constitutes an indirect prompt injection surface.
    • Ingestion points: Reads project-specific data from .claude_resolve/{ticket-id}/ and the project's root CLAUDE.md.
    • Boundary markers: Utilizes XML-style delimiters (e.g., <ticket>, <implementation_plan>, and <diff>) to encapsulate untrusted data within the prompt and instructs the agent to treat it as fresh context.
    • Capability inventory: Possesses capabilities to read/write files to the filesystem and execute shell commands (git).
    • Sanitization: No explicit sanitization or input validation for the context variables is performed before interpolation into the subagent prompt.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 05:15 PM