code-review
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill uses standard, read-only git commands such as `git rev-parse` and `git log` to identify commit SHAs for review purposes.
- [PROMPT_INJECTION] (SAFE): The instructions use emphatic language to enforce operational discipline (e.g., 'The Iron Law') but do not contain attempts to override safety protocols or exfiltrate data.
- [INDIRECT_PROMPT_INJECTION] (LOW): As a code review skill, it naturally processes external data (reviewer comments). It includes explicit safeguards, instructing the agent to verify all external suggestions and push back against technically unsound advice, which serves as a defensive measure against indirect injection.
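To make the COMMAND_EXECUTION finding concrete, the following POSIX shell script is an added example; it is not code from the code-review skill or from Gen Agent Trust Hub. It shows the kind of read-only `git rev-parse` and `git log` lookup the finding describes, and the allowlist check an auditor could apply to confirm that a git invocation stays read-only (rejecting mutating subcommands, and global options such as `-c` or `--exec-path` that let a "read-only" command run other code). The subcommand allowlist, the rejected options and the function names `is_readonly_git` and `review_shas` are this example's own assumptions.

```shell
#!/bin/sh
# Added example, not part of the audited skill: an allowlist that accepts only
# read-only git invocations, plus the SHA lookup a review skill would run.
# Allowlist contents and function names are this example's assumptions.

# is_readonly_git <argv...>: return 0 when the command line is a git invocation
# we treat as read-only, 1 otherwise. Global options that change which code git
# runs are rejected first, then the subcommand is checked against an allowlist,
# then options that make a read-only subcommand write or execute are rejected.
is_readonly_git() {
  [ "$1" = "git" ] || return 1
  shift
  while [ $# -gt 0 ]; do
    case "$1" in
      -c|-c*|--config-env*|--exec-path*) return 1 ;;  # inject config (pager, aliases) or swap helper binaries
      -C) [ $# -ge 2 ] || return 1; shift 2 ;;        # -C <dir>: only changes directory
      -*) shift ;;                                     # other global options, e.g. --no-pager
      *) break ;;
    esac
  done
  [ $# -gt 0 ] || return 1                             # no subcommand at all: fail closed
  sub=$1
  shift
  case "$sub" in
    rev-parse|log|show|diff|status|ls-files|cat-file) ;;
    *) return 1 ;;                                     # commit, push, reset, checkout, ... mutate
  esac
  for arg in "$@"; do
    case "$arg" in
      --output|--output=*) return 1 ;;                 # diff option that writes output to a file
      --ext-diff) return 1 ;;                          # runs the configured external diff program
    esac
  done
  return 0
}

# review_shas <base> [<tip>]: print the tip commit SHA, then the SHAs of the
# commits reachable from tip but not from base (the range under review).
# Both git commands are on the read-only allowlist above.
review_shas() {
  base=$1
  tip=${2:-HEAD}
  git rev-parse --verify --quiet "$tip^{commit}" || return 1
  git log --format=%H "$base..$tip"
}

# Stand-alone demo in a throwaway repository (skipped when git is not installed).
# The setup commits below are demo scaffolding, not commands the skill would run.
if command -v git >/dev/null 2>&1; then
  tmp=$(mktemp -d)
  ( cd "$tmp" && git init -q . &&
    git -c user.name=demo -c user.email=demo@example.invalid commit -q --allow-empty -m base &&
    git branch -f base &&
    git -c user.name=demo -c user.email=demo@example.invalid commit -q --allow-empty -m change &&
    review_shas base HEAD )
  rm -rf "$tmp"
fi
```

Run it as `sh review_shas.sh` to see the two SHAs for the constructed one-commit range. The allowlist fails closed: an unknown global long option that takes a separate argument (for example `--git-dir <path>`) leaves the path where the subcommand is expected, and the path is not on the allowlist, so the invocation is rejected rather than guessed at.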
Audit Metadata