Skills
skills/cockroachdb/cockroach/review-crdb/Gen Agent Trust Hub

review-crdb

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands to interact with the local repository and the GitHub API.
  • Employs git commands (e.g., git merge-base, git log, git diff) to identify code changes.
  • Uses gh (GitHub CLI) for PR operations, including gh pr diff, gh pr checkout, and gh api to post review comments.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from external code changes.
  • Ingestion points: Reads git diff outputs, gh pr diff content, and raw source code files from the local branch.
  • Boundary markers: The skill does not define explicit delimiters or instructions to the agents to ignore embedded commands within the code being reviewed.
  • Capability inventory: The skill can execute shell commands, read local files, and communicate with the GitHub API to post comments.
  • Sanitization: Content is aggregated into a JSON payload for GitHub API reviews, but there is no evidence of filtering or escaping malicious instructions embedded in the input code.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 28, 2026, 02:07 AM