requesting-code-review

Warn

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The code-reviewer.md template constructs shell commands such as git diff {BASE_SHA}..{HEAD_SHA} using string interpolation. If the SHA variables are sourced from untrusted input and contain shell metacharacters, it could lead to arbitrary command execution.
  • [PROMPT_INJECTION]: The skill is vulnerable to Indirect Prompt Injection as the code review subagent processes code changes that could contain adversarial instructions.
      • Ingestion points: The code-reviewer.md template reads content from git diff outputs and user-provided placeholders.
      • Boundary markers: Absent. Variables are interpolated directly into the prompt without delimiters or instructions to ignore embedded commands.
      • Capability inventory: The agent can execute shell commands via the git CLI.
      • Sanitization: No validation or escaping is applied to the git diff output or the SHA identifiers before they are used in shell commands.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 8, 2026, 01:54 PM