change-reaudit
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructions are focused on providing a systematic approach to code auditing. It defines clear procedures (Gates 0-4) and guardrails to ensure findings are evidence-based.
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and process untrusted data in the form of repository code and diffs. While this presents a surface for indirect prompt injection (e.g., a malicious diff attempting to trick the reviewer into approving bad code), the risk is inherent to the tool's primary purpose and the agent's output is presented to a human reviewer for validation.
- Ingestion points:
SKILL.md(lines 53-56) instructions to gather diffs, file lists, and test content directly from the repository. - Boundary markers: None explicitly defined in the instructions to delimit user-provided code from agent instructions.
- Capability inventory: The skill identifies risks, suggests test additions, and provides code snippets for fixes. It does not perform network operations or execute shell commands.
- Sanitization: No explicit sanitization or filtering of input code is mentioned.
Audit Metadata