Skills
skills/folio-org/folio-eureka-ai-dev/code-review/Gen Agent Trust Hub

code-review

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses local git commands, specifically git diff and git rev-parse, to gather code changes and branch metadata for analysis.
  • [EXTERNAL_DOWNLOADS]: The skill downloads a reference RFC document from the vendor's own repository (folio-org/rfcs) using curl to validate architectural compliance.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted code from git diffs. Ingestion points: git diff output processed in SKILL.md. Boundary markers: Absent. Capability inventory: git and curl commands. Sanitization: Absent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 04:50 PM