code-review
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
Bashtool to execute git commands and various project-specific build/test tools such asgolangci-lint,go build,npm run build,ruff, andpytest. While these are necessary for the skill's primary function of code review and quality assurance, they involve executing code and configurations defined within the codebase under review. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes untrusted source code and diffs. Maliciously crafted comments or code patterns in the reviewed files could attempt to manipulate the agent's behavior during the review process.
- Ingestion points: The skill reads file content using
git diffand theReadtool as specified in Workflow steps 1 and 3 ofSKILL.md. - Boundary markers: No specific delimiters or instructions to ignore embedded commands are used when processing the code content.
- Capability inventory: The agent has access to powerful tools including
Bash,Edit,Read,Grep, andGlobacross all operations. - Sanitization: There is no evidence of input sanitization or filtering of the code content before it is processed by the model.
Audit Metadata