review-python
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes several shell commands including
git diff,grep,ruff, andmypyto identify modified files and enforce project quality standards. These are standard development tools used for their intended purposes.\n- [EXTERNAL_DOWNLOADS]: The skill dynamically loads supplementary skills from thebeagle-pythonandbeagle-ainamespaces (e.g.,beagle-python:fastapi-code-review) to handle specialized technology stacks detected during the review process.\n- [PROMPT_INJECTION]: The skill processes untrusted source code, which creates a surface for indirect prompt injection.\n - Ingestion points: Source code files and diffs are ingested via
git diffandgrepcommands as specified in SKILL.md.\n - Boundary markers: There are no explicit instructions or delimiters used to separate the code content from the agent's instructions, potentially allowing embedded malicious comments to influence the agent.\n
- Capability inventory: The agent has the ability to execute shell commands and load additional specialized skills, which could be misdirected by instructions hidden in the code being reviewed.\n
- Sanitization: Code content is analyzed directly without escaping or validation of potential instructions embedded in comments or strings.
Audit Metadata