Skills
skills/buildrtech/dotagents/requesting-code-review/Gen Agent Trust Hub

requesting-code-review

Pass

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill is susceptible to indirect prompt injection because it processes untrusted content from git diffs and user-defined implementation summaries without adequate boundary markers.
  • Ingestion points: The code-reviewer.md template (lines 14, 18, 24) ingests {DESCRIPTION}, {PLAN_REFERENCE}, and the results of git diff at runtime.
  • Boundary markers: There are no explicit delimiters or instructions to the subagent to ignore embedded commands within the code or descriptions being reviewed.
  • Capability inventory: The subagent primarily performs read-only operations on the local git repository and provides textual feedback; no dangerous write or network capabilities are exposed.
  • Sanitization: The skill does not sanitize the input strings or the output of the git commands before passing them to the LLM.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 18, 2026, 06:56 AM