requesting-code-review
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local git commands including 'git rev-parse', 'git log', and 'git diff' to identify changes and extract diff content for analysis.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) because it processes untrusted data from the repository without adequate safeguards.
- Ingestion points: Processes external data from git commit history, diff outputs, and local files referenced in the {PLAN_OR_REQUIREMENTS} placeholder.
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the 'code-reviewer.md' template.
- Capability inventory: Performs subprocess execution via the 'git' CLI.
- Sanitization: No input validation or sanitization is performed on code diffs or commit messages before they are interpolated into the prompt.
Audit Metadata