code-review

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection because its core workflow processes untrusted content.
  • Ingestion points: The agent reads phase files (Step 1) and source code files (Step 5) which are external to the skill's own logic.
  • Boundary markers: There are no explicit delimiters or instructions provided to the agent to treat embedded text as data rather than instructions when reading these files.
  • Capability inventory: The skill has access to high-impact tools including Write, Edit, and Bash, which could be exploited if the agent follows malicious instructions hidden in the codebase.
  • Sanitization: No sanitization or filtering is performed on the ingested content before it influences the agent's decision-making or code-generation process.
  • [COMMAND_EXECUTION]: The skill performs automated command-line operations to facilitate its review process.
  • Evidence: It uses Bash to execute Git commands (git log, git diff) to identify changes.
  • Evidence: It executes a local Python validation script (scripts/validate_review.py) and a hook script via uv run to ensure structural integrity of the output.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 16, 2026, 02:33 PM