as-review
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses git diff and git diff --cached to identify changes in the local repository. It also instructs the agent to execute project-specific quality checks such as linting, type checking, and running tests. These are standard operations for a development-focused skill.
- [PROMPT_INJECTION]: An indirect prompt injection surface exists because the skill processes untrusted data from workspace files.
  1. Ingestion points: Modified files in the git workspace.
  2. Boundary markers: None explicitly defined to delimit untrusted file content.
  3. Capability inventory: git diff, file reading, and execution of lint/test tools.
  4. Sanitization: No specific sanitization or escaping of file content is mentioned before analysis.