code-review

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes git and gh commands (git diff, gh pr diff, git show) to retrieve source code for analysis. It also runs a local Python script via 'python3 scripts/smart_commit_analyzer.py' to perform regression testing.
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection as it evaluates content from external diffs and pull requests. Ingestion points: code content fetched from git and GitHub CLI; Boundary markers: None; Capability inventory: shell command execution and Python script execution; Sanitization: None.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 08:00 PM