requesting-code-review
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses 'git rev-parse' and 'git diff' to identify and inspect code changes between commits. These operations are essential for the primary purpose of code review and are limited to local repository metadata and content retrieval.
- [PROMPT_INJECTION]: The skill processes untrusted code via Git diffs, creating a surface for indirect prompt injection. 1. Ingestion points: Code changes are read via 'git diff' and passed to the 'code-reviewer' subagent in 'code-reviewer.md'. 2. Boundary markers: The subagent template uses structured Markdown headers and labeled sections to delineate instructions from code content. 3. Capability inventory: Actions are restricted to Git read operations and coordination of internal subagents ('code-reviewer', 'task-bug-fixer'). 4. Sanitization: No explicit escaping or sanitization of diff content is implemented beyond standard Markdown formatting.
Audit Metadata