skills/factory-ai/skills/code-review/Gen Agent Trust Hub

code-review

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE
Flagged categories: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local shell commands (git diff --staged, git diff) to retrieve source code changes for analysis. These are standard read operations for a code review tool.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing untrusted data (code diffs and patches) that could contain malicious instructions meant to subvert the agent's behavior.
    • Ingestion points: Data is ingested from git diff command outputs and user-provided patch/diff strings in the SKILL.md file.
    • Boundary markers: Absent. The instructions do not define clear delimiters or provide the agent with "ignore embedded instructions" warnings for the content being reviewed.
    • Capability inventory: The skill uses git to read repository states.
    • Sanitization: Absent. There is no evidence of input validation, escaping, or filtering of the code content before it is processed by the AI.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 8, 2026, 06:58 AM