skills/edgeandnode/ampup/code-review/Gen Agent Trust Hub

code-review

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use the Bash tool to execute git commands.
      • Evidence: It specifically runs git diff main...HEAD to retrieve code changes for analysis. This is a standard and expected operation for the skill's primary purpose of code review.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from code diffs and documentation files.
      • Ingestion points: The skill ingests untrusted data from the output of git diff and reads project files from docs/code/ and docs/features/.
      • Boundary markers: The instructions provided to the sub-agents do not define clear delimiters or use 'ignore embedded instructions' markers for the code diff content.
      • Capability inventory: The agents involved have access to the Bash tool and Read tool to perform their tasks.
      • Sanitization: There is no evidence of sanitization or filtering applied to the code diffs before they are processed by the LLM, meaning malicious instructions hidden in code comments could potentially influence the reviewer's output.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 4, 2026, 04:38 PM