review-ruby-code
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes several local CLI tools including `git` for change detection, `rubycritic` for static analysis, and `bundle exec rspec` for test execution. These actions are standard for a development-focused tool and are necessary for its primary function.
- [PROMPT_INJECTION]: The skill is subject to the risk of indirect prompt injection because it reads and processes the content of Ruby source files. Maliciously crafted comments or code patterns in the analyzed repository could theoretically influence the generated review summary, although this is a common risk for automated review tools and no specific bypasses are included in the skill itself.
- [DATA_EXPOSURE]: The skill accesses local repository files and Git configuration to perform its analysis. This access is restricted to the local environment and the skill does not contain instructions to transmit this data to external servers.
Audit Metadata