review-frontend

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands like git diff, grep, and project-specific npm scripts (lint, typecheck, test). Executing scripts defined in an untrusted repository's package.json poses a security risk as these scripts can be modified to run arbitrary code.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it ingests untrusted code and diffs and uses them to guide agent behavior.
    • Ingestion points: Target files and git diff output (referenced in SKILL.md).
    • Boundary markers: Absent; instructions do not provide delimiters or warnings to ignore embedded instructions in the code being reviewed.
    • Capability inventory: Shell access (git, grep, npm) and tool-based skill/task management (referenced in SKILL.md).
    • Sanitization: Absent; content from the repository is processed without validation or escaping.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 3, 2026, 04:17 AM