skills/umbraco/umbraco-cms/umb-review/Gen Agent Trust Hub

umb-review

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes git diff, git log, and gh pr view to retrieve information about the current branch and its changes. These operations are essential for the skill's intended purpose of code review.
  • [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection.
  • Ingestion points: The agent is instructed to read and "internalize" instructions from repository-hosted files like CLAUDE.md and other documentation (Step 2b) to define its review criteria.
  • Boundary markers: There are no markers or instructions to treat repository content as untrusted; the agent adopts these conventions as authoritative.
  • Capability inventory: The agent has the ability to execute shell commands using git and the GitHub CLI tools.
  • Sanitization: The skill does not validate or sanitize the content read from the repository before using it to guide its logic.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 10:56 AM
Security Audit — agent-trust-hub — umb-review