requesting-code-review

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands like git rev-parse, git log, and git diff with variable interpolation in SKILL.md and code-reviewer.md. If git metadata (e.g., branch names) or user-provided placeholders contain shell metacharacters, it could lead to unintended command execution.
  • [PROMPT_INJECTION]: The code-reviewer.md template is vulnerable to indirect prompt injection because it interpolates external inputs such as {DESCRIPTION} and {PLAN_REFERENCE} directly into the instructions. An attacker could provide malicious content to influence or bypass the reviewer agent's logic.
  • Ingestion points: Placeholders in code-reviewer.md ({WHAT_WAS_IMPLEMENTED}, {PLAN_OR_REQUIREMENTS}, {DESCRIPTION}, {PLAN_REFERENCE}).
  • Boundary markers: None identified; untrusted content is mixed directly with system-level instructions.
  • Capability inventory: The skill uses subprocess calls to git for repository analysis.
  • Sanitization: No input sanitization or escaping is performed on the interpolated strings.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 09:48 PM