requesting-code-review

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Finding categories: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • PROMPT_INJECTION (LOW): The code-reviewer.md template interpolates untrusted external data such as {DESCRIPTION} and {WHAT_WAS_IMPLEMENTED} directly into the prompt without boundary markers. An attacker could embed instructions in these fields to manipulate the agent's review logic. Evidence Chain:
      1. Ingestion points: {WHAT_WAS_IMPLEMENTED}, {PLAN_OR_REQUIREMENTS}, {BASE_SHA}, {HEAD_SHA}, {DESCRIPTION} in code-reviewer.md.
      2. Boundary markers: Absent.
      3. Capability inventory: git command execution in code-reviewer.md.
      4. Sanitization: Absent.
  • COMMAND_EXECUTION (LOW): The skill dynamically constructs shell commands (git diff --stat {BASE_SHA}..{HEAD_SHA}) using runtime variables. While limited to Git, this pattern could lead to command injection if the input variables are not properly validated or escaped before execution.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 04:56 PM