identify-reviewer
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- Identity Detection via Local Commands: The skill executes commands such as
gh auth statusandgit configto identify the current user. This allows the agent to refer to the user's own previous work in the second person, enhancing the relevance of its feedback. - Analysis of External Content: This skill processes git logs and pull request comments to attribute actions to the user. This involves ingesting external data, which is a potential surface for indirect instructions. (1) Ingestion points: Git log and pull request comments processed during review workflows (SKILL.md). (2) Boundary markers: No specific delimiters or safety warnings are defined in the skill for this content. (3) Capability inventory: The skill is restricted to local identity commands like
ghandgit(SKILL.md). (4) Sanitization: No explicit sanitization of external metadata is performed by the skill logic.
Audit Metadata