ack-code-review
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its ingestion of untrusted review reports.
- Ingestion points: Reads from $ARGUMENTS and files like 'review.md' or 'findings.md' (SKILL.md).
- Boundary markers: Absent; does not use delimiters or instructions to ignore embedded instructions.
- Capability inventory: Modifies files (Step 5) and executes shell commands (Step 6).
- Sanitization: Absent; no validation is performed on report contents.
- [COMMAND_EXECUTION]: The skill executes shell commands to run unit tests and linters (Step 6), which can be abused to execute malicious code if influenced by the review report.
Audit Metadata