reviewer-process

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The skill executes git CLI commands such as fetch and diff to perform its review. This involves repository filesystem access and network calls to the origin server.
  • [PROMPT_INJECTION] (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8). Ingestion points: The agent ingests untrusted data from git diff outputs and repository file contents. Boundary markers: Absent. There are no instructions to the agent to treat repository content as untrusted data or use delimiters. Capability inventory: The agent has the ability to read files, execute git commands, and write changes to the filesystem. Sanitization: No sanitization or escaping of the ingested code content is performed before the agent processes it for review or applies fixes.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:05 PM