simplify
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands like
git diffandgit diff HEADto scope the review and identify code changes. These are standard operations for a development-oriented skill. - [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes untrusted data (source code from the local environment) and has the capability to write changes back to the filesystem.
- Ingestion points: Code changes retrieved via
git diffor content from recently modified files inSKILL.md. - Boundary markers: Absent; the instructions do not specify delimiters or warnings to ignore instructions embedded within the code being analyzed.
- Capability inventory: The agent is instructed to modify files directly to fix identified issues.
- Sanitization: Absent; no explicit sanitization or validation of the input code is performed before processing.
Audit Metadata