Skills
skills/e0ipso/self-review/self-review-critique/Gen Agent Trust Hub

self-review-critique

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the bash tool to run git diff, git rev-parse, and xmllint. It also uses node for timestamp generation. These commands are necessary for analyzing the repository and validating the generated XML output.\n- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection because it analyzes untrusted data from git diffs and repository files.\n
  • Ingestion points: git diff output, .self-review.yaml configuration file, and source file contents (SKILL.md).\n
  • Boundary markers: The skill's output is constrained to a specific XML schema, providing structural separation between the analysis and the generated report.\n
  • Capability inventory: The agent can execute local commands via bash and write files to the local filesystem.\n
  • Sanitization: The instructions require XML-escaping of all text content to prevent structural injection in the output file.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 03:26 AM