find-bugs
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes
git diff,git show, andgh repo viewto retrieve code changes for analysis. These operations are essential for its function and are limited to local repository context. - [PROMPT_INJECTION]: The skill uses strong instructional language such as "MANDATORY" and "ABSOLUTELY MUST" to enforce a rigorous auditing protocol. These are considered natural instructional constraints aimed at improving output quality rather than malicious attempts to bypass safety filters.
- [SAFE]: The instructions include a specific safety rule to never include actual secret values (like API keys or tokens) in findings, only reporting their type and location. This demonstrates a security-first design for handling potentially sensitive code content.
Audit Metadata