code-review
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious instructions, prompt injections, or obfuscation patterns were detected within the skill files.
- [PROMPT_INJECTION]: The skill processes untrusted data from git commits, creating a surface for indirect prompt injection. Ingestion points: git log and git show (references/git_operations.md). Boundary markers: None specified. Capability inventory: Subprocess calls for git, rg, and fd. Sanitization: Not specified. This risk is inherent to the primary code-review function.
Audit Metadata