code-review

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands like git status, git branch, git log, and git diff to determine the scope of changes and retrieve the code for review. These are standard operations for a code review tool.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted data (the code being reviewed) which could contain malicious instructions for the agent.
  • Ingestion points: Git diff output and file contents read during the inspection phase (SKILL.md, Workflow steps 3-5).
  • Boundary markers: The instructions do not specify any delimiters or safety markers to help the agent distinguish between its own instructions and the data being analyzed.
  • Capability inventory: The agent has the ability to execute git commands and read local files.
  • Sanitization: There is no evidence of sanitization or filtering applied to the code content before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 12, 2026, 09:47 AM
Security Audit — agent-trust-hub — code-review