review-tui

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes local developer tools such as git, grep, go, and golangci-lint for repository analysis and code verification. These actions are consistent with the skill's purpose and are confined to the local environment.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection (Category 8) due to its core function of processing untrusted source code.
      • Ingestion points: The skill reads file contents and git diff output to perform its review.
      • Boundary markers: The instructions do not define specific delimiters for the ingested code content.
      • Capability inventory: The skill can execute local toolchain commands based on its analysis.
      • Sanitization: No explicit sanitization or filtering of the source code is specified before it enters the agent's context.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 2, 2026, 03:11 PM