Skills
skills/fandhe-ai/agent-cli-skills/implement-review/Gen Agent Trust Hub

implement-review

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local shell commands to retrieve repository changes for analysis.
  • Evidence: git diff main...HEAD --stat and git diff main...HEAD in SKILL.md.
  • [PROMPT_INJECTION]: The skill processes untrusted external code changes, which creates an attack surface for indirect prompt injection if the code being reviewed contains malicious instructions.
  • Ingestion points: Output of git diff in SKILL.md is fed into the agent's context for review.
  • Boundary markers: None identified; the skill does not explicitly use delimiters to separate diff content from instructions.
  • Capability inventory: Read-only access to repository state and metadata via git; report generation tools.
  • Sanitization: None identified; the skill depends on the model's internal safety filters to ignore instructions embedded within the code it reviews.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 23, 2026, 11:14 AM