skills/fradser/dotclaude/quick/Gen Agent Trust Hub

quick

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell execution to identify the current environment and repository state.
      • Evidence: Commands like git branch --show-current, git status --porcelain, and git diff are used to populate the review context.
      • Context: These commands are used for read-only inspection of the local workspace to determine the scope of the review.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the code and commit history it processes.
      • Ingestion points: Source code files, Git diff outputs, and Git log messages are ingested into the context of sub-agents (e.g., @code-reviewer, @security-reviewer).
      • Boundary markers: There are no explicit delimiters or instructions provided to the sub-agents to ignore potentially malicious directives embedded in the analyzed code.
      • Capability inventory: The skill has the ability to execute shell commands (via Task tool) and optionally apply code fixes and run test suites.
      • Sanitization: No sanitization is performed on the data retrieved from the Git repository before it is processed by the LLM sub-agents.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 17, 2026, 08:20 PM