Requesting Code Review
Pass
Audited by Gen Agent Trust Hub on May 30, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands using git to manage code commits and analyze changes, specifically rev-parse, log, and diff.
- [PROMPT_INJECTION]: The reviewer subagent defined in code-reviewer.md has an attack surface for indirect prompt injection. (1) Ingestion points: Untrusted code changes and implementation descriptions are ingested via placeholders. (2) Boundary markers: No explicit delimiters are provided to separate the instructions from the code content. (3) Capability inventory: The subagent is instructed to perform git shell operations. (4) Sanitization: No validation or sanitization of the code changes is performed before the review occurs.
Audit Metadata