code-reviewing
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands including git status, git diff, git branch, and git log to gather repository context for analysis.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) when processing code changes.
- Ingestion points: Untrusted data enters the agent context via the git diff command in SKILL.md.
- Boundary markers: No delimiters or instructions are used to distinguish the analyzed code from the agent's instructions.
- Capability inventory: The skill includes the ability to execute shell commands.
- Sanitization: No sanitization or escaping is applied to the code content before it is processed by the AI.
Audit Metadata