gc-review-a11y

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8).
    • Ingestion points: The skill reads local source code files and git diff outputs in Step 1 and Step 3 to perform its review.
    • Boundary markers: There are no explicit instructions or delimiters provided to the agent to disregard instructions embedded within the reviewed code (e.g., within HTML or JavaScript comments).
    • Capability inventory: The skill uses an 'Edit' tool to modify files in Step 6 based on its findings, which could be abused if an injection is successful.
    • Sanitization: No sanitization or filtering of the input data is performed before the content is processed by the LLM.
  • [COMMAND_EXECUTION]: The skill executes local shell commands (git rev-parse, git diff) to identify code changes for review. While these are necessary for its stated purpose, they represent a point of interaction with the local system environment.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 12, 2026, 03:36 AM