review-changes
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes local commands including
git status,git diff, and a project-specific scriptpython .claude/scripts/code_graph. These executions are essential for identifying and tracing the impact of code changes and are constrained to the local repository environment. - [PROMPT_INJECTION]: The skill processes untrusted content from uncommitted code changes. Ingestion points: Repository files analyzed via git commands (SKILL.md). Boundary markers: Absent. Capability inventory: Includes file writing to local reports, task management via TaskCreate, and sub-agent spawning via the Agent tool (SKILL.md). Sanitization: Absent; the skill instead relies on a mandatory 'Review Mindset' and 'Evidence Gate' protocol requiring specific file:line code traces for every finding to mitigate risks of indirect prompt injection or hallucinations.
Audit Metadata