adversarial-review

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill incorporates an indirect prompt injection surface as part of its core code review functionality. It reads content from git diffs and local project convention files to provide context for subagent critiques.
    • Ingestion points: Git diff outputs and project configuration files (e.g., CLAUDE.md, .cursor/rules) are read in Step 1.
    • Boundary markers: The ingested content is interpolated into a subagent prompt template using the {conventions} and {diff} placeholders.
    • Capability inventory: The agent has the capability to execute shell commands (git) and modify local source code to apply suggested fixes.
    • Sanitization: The workflow relies on the main agent's judgment to evaluate subagent findings against its own context and project rules before applying any changes.
  • [COMMAND_EXECUTION]: The skill executes standard local git commands, such as git diff, to gather the necessary context for the review process. It also utilizes the Agent tool to spawn subagents for parallel analysis.
Audit Metadata
Risk Level: SAFE
Analyzed: May 14, 2026, 01:43 PM