requesting-code-review

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local git commands to retrieve commit history and code differences for analysis. Evidence: SKILL.md uses git rev-parse and git log, while code-reviewer.md instructs the subagent to run git diff. These operations are essential for the primary purpose of code review.
  • [PROMPT_INJECTION]: The subagent template in code-reviewer.md is susceptible to indirect prompt injection because it interpolates user-controlled data into instructions.
      • Ingestion points: Placeholders such as {WHAT_WAS_IMPLEMENTED}, {PLAN_OR_REQUIREMENTS}, and {DESCRIPTION} in code-reviewer.md.
      • Boundary markers: The template uses standard Markdown structure but lacks explicit delimiters or safety instructions to prevent the subagent from following commands embedded in the provided data.
      • Capability inventory: The subagent has access to the local git repository and can execute commands to inspect code via code-reviewer.md.
      • Sanitization: No sanitization or validation is applied to the content injected into the prompt placeholders.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 3, 2026, 04:22 PM