Skills
skills/blogic-cz/agent-tools/code-review/Gen Agent Trust Hub

code-review

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it processes untrusted data from the project codebase.
  • Ingestion points: Code changes, file contents, and commit history retrieved via git diff, git log, and file path analysis in SKILL.md.
  • Boundary markers: Absent; there are no instructions provided to the agent to treat reviewed code as data rather than instructions or to use specific delimiters.
  • Capability inventory: The skill utilizes shell commands including git and bun run check which could be target for exploitation if the agent obeys instructions inside the code.
  • Sanitization: Absent; the content is analyzed without escaping or filtering mechanism.
  • [COMMAND_EXECUTION]: The skill uses local shell commands to facilitate the review process.
  • Evidence: Instructs the agent to execute git log, git diff, and bun run check (found in SKILL.md).
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 23, 2026, 06:40 AM