code-review-excellence
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a helper script
scripts/pr-analyzer.pythat executes local git commands to analyze pull request size. - Evidence: The script uses
subprocess.run(['git', '-C', str(repo), 'diff', '--numstat', args.base, args.head], ...)to fetch statistics. - Analysis: The execution is handled securely by passing arguments as a list and avoiding the use of a shell (
shell=True), which prevents command injection. This is a standard functional component of the skill.- [PROMPT_INJECTION]: The skill is designed to process untrusted data from pull requests and git diffs, creating a surface for indirect prompt injection. - Ingestion points: Pull request descriptions and code changes are read as part of the review process in
SKILL.mdandscripts/pr-analyzer.py. - Boundary markers: There are no specific instructions or delimiters provided to the agent to distinguish between its own operational instructions and potentially malicious instructions embedded within the code being reviewed.
- Capability inventory: The skill has the ability to execute local filesystem commands via the included
pr-analyzer.pyscript. - Sanitization: No evidence of validation or sanitization of the external code input is present.
Audit Metadata