Skills
skills/reviewstage/stage-cli/quality-review/Gen Agent Trust Hub

quality-review

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by extracting instructions from an external file and using them to prompt subagents.
  • Ingestion points: Data is ingested from the ## Implementation Quality section of the project's AGENTS.md file in Step 1.
  • Boundary markers: No delimiters or instructions to ignore embedded commands are present when the criterion text is interpolated into the subagent prompt template in Step 2.
  • Capability inventory: Subagents are launched using the Task tool (type: Explore), which possesses capabilities to execute shell commands (e.g., git diff) and perform web searches.
  • Sanitization: There is no evidence of sanitization, validation, or escaping of the criterion text before it is used to influence the subagent's execution logic.
Audit Metadata
Risk Level
SAFE
Analyzed
May 8, 2026, 11:56 AM