code-review
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python utility at
.claude/scripts/code_graphto perform architectural analysis, such as calculating blast radius for changes and identifying missing test coverage. - [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection due to its core function of processing untrusted codebase data.
- Ingestion points: Reads and analyzes source code, documentation, and configuration files via
Read,Grep, andGlobtools. - Boundary markers: Absent. The skill does not employ specific delimiters or instruction-isolation techniques when reading file content for review.
- Capability inventory: The skill possesses powerful tools including
Bash,Write,Edit, andTaskCreate, which could be targeted by instructions embedded in the reviewed data. - Sanitization: Absent. There is no evidence of sanitization or validation performed on the content of the files before they are ingested into the agent's context.
Audit Metadata