quality-gate
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTIONREMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes various shell commands to inspect the project structure, generate git diffs, and manage version control operations including
git,jq,grep, andrm. - [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted code changes and uses agents to generate fixes that are then automatically applied to the codebase.
- Ingestion points: Step 1 collects a git diff of the branch changes, which serves as the primary input for the reviewer agents.
- Boundary markers: The instructions do not define protective delimiters or specific 'ignore' directives to prevent agents from interpreting the diff content as instructions.
- Capability inventory: The skill has the ability to modify local files via the
Edittool and commit/push changes to remote repositories via the shell. - Sanitization: No validation or sanitization is performed on the agent-generated fixes before they are automatically integrated into the codebase.
Audit Metadata