review
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted code diffs provided through the $ARGUMENTS variable, creating a surface for indirect prompt injection where attackers could embed malicious instructions in code comments.
  - Ingestion points: Code diffs passed via $ARGUMENTS variable.
  - Boundary markers: The prompt lacks explicit delimiters or instructions to ignore instructions embedded in analyzed data.
  - Capability inventory: The skill description mentions the agent 'invokes the consultant CLI', indicating command execution capabilities.
  - Sanitization: No input validation or sanitization of the provided arguments is specified.
Audit Metadata