dual-pass-review
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (SAFE): The skill ingests untrusted data in the form of code diffs, which could theoretically contain malicious instructions. However, this is inherent to the code review use-case and the risk is mitigated by the structured checklist approach. \n
- Ingestion points: Output from git status and git diff commands in Step 1 and Step 5. \n
- Boundary markers: Absent; the skill does not define specific delimiters for separating the diff content from instructions. \n
- Capability inventory: Bash, Write, Edit, Grep, Glob, and Task tools. \n
- Sanitization: Absent; the skill relies on the agent's objective adherence to the provided checklist items.
Audit Metadata