code-review

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFE
Finding categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes shell commands (git status, git diff, git log, git branch) to inspect the repository. These are static, read-only operations used for context gathering during code reviews.
  • [PROMPT_INJECTION]: Indirect prompt injection surface:
      ◦ Ingestion points: The skill processes untrusted code and PR content provided by the user (SKILL.md).
      ◦ Boundary markers: Absent. There are no explicit delimiters or instructions to ignore embedded commands in the processed code.
      ◦ Capability inventory: Shell execution via git commands (SKILL.md).
      ◦ Sanitization: Absent. No validation or sanitization of the input code is performed before analysis.
  • [SAFE]: No malicious instructions, obfuscation, or unauthorized data access patterns were identified. The content focuses on enhancing code quality and security.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 22, 2026, 07:31 AM