implement
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill performs subprocess execution of development tools including
go testandnpm testas part of the TDD cycle. It also executes a CLI tool namedcodexto handle code review requests. - [DATA_EXFILTRATION]: Repository metadata and code changes are written to a temporary file (
/tmp/codex-review.md) and processed by thecodextool for the purpose of sending data to an external service for review. - [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection through its document processing workflow.
- Ingestion points: Technical plans and task requirements are read from local markdown files specified by the user via the
--planparameter. - Boundary markers: The skill does not employ delimiters or specific instructions to the agent to ignore potential commands embedded within the technical plans.
- Capability inventory: The skill possesses the capability to execute shell commands and modify the local filesystem based on the parsed tasks.
- Sanitization: Input from plan files is not sanitized or validated before being used to generate implementation tasks and subsequent code changes.
Audit Metadata