code-review
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands like
git status,git branch,git log, andgit diffto determine the scope of changes and retrieve the code for review. These are standard operations for a code review tool. - [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted data (the code being reviewed) which could contain malicious instructions for the agent.
- Ingestion points: Git diff output and file contents read during the inspection phase (SKILL.md, Workflow steps 3-5).
- Boundary markers: The instructions do not specify any delimiters or safety markers to help the agent distinguish between its own instructions and the data being analyzed.
- Capability inventory: The agent has the ability to execute git commands and read local files.
- Sanitization: There is no evidence of sanitization or filtering applied to the code content before it is processed by the agent.
Audit Metadata