Skills
skills/primatrix/skills/requesting-code-review/Gen Agent Trust Hub

requesting-code-review

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes external data (git diffs) which could contain adversarial instructions intended to influence the subagent's review results. \n
  • Ingestion points: The code-reviewer.md template is populated with output from git diff commands. \n
  • Boundary markers: Absent; the diff content is not delimited, and there are no instructions to the subagent to ignore embedded commands. \n
  • Capability inventory: The skill uses git rev-parse and git diff via shell commands. \n
  • Sanitization: No input sanitization or output filtering is implemented for the code content being reviewed. \n- [COMMAND_EXECUTION]: The skill uses placeholders {BASE_SHA} and {HEAD_SHA} directly inside shell command blocks in code-reviewer.md. This represents a command injection surface if the commit references provided to the template are not strictly validated as legitimate git SHAs.
Audit Metadata
Risk Level
SAFE
Analyzed
May 9, 2026, 08:41 AM