code-review
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted source code and diffs. Malicious instructions in the code being reviewed could influence the agent's analysis. Ingestion points: staged changes, PR diffs, and file contents. Boundary markers: Absent. Capability inventory: Read, Glob, Grep, Bash. Sanitization: Absent.
- [EXTERNAL_DOWNLOADS]: The skill encourages installing several CLI tools and extensions from well-known sources like NPM and GitHub (@openai/codex, @google/gemini-cli, and gemini-cli-extensions).
- [COMMAND_EXECUTION]: The skill uses Git hooks and shell commands (e.g., git diff, claude, npx) to automate code review tasks within the local environment and CI/CD pipelines.
Audit Metadata