code-review

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill processes external, untrusted content from GitHub pull requests and local branches.
      • Ingestion points: PR diffs and commit messages retrieved in Step 1 from GitHub URLs or local git references.
      • Boundary markers: The instructions lack explicit delimiting or warnings to the agent to disregard instructions embedded within the diff data.
      • Capability inventory: The skill has the ability to execute shell commands via git (fetch, diff, log, rev-list).
      • Sanitization: No filtering or sanitization is performed on the content of the diffs before they are processed by the agent.
  • [COMMAND_EXECUTION]: The skill performs shell execution of git commands. While these are used for legitimate project analysis, the commands are parameterized with data derived from external PR links.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 20, 2026, 05:59 AM