Skills
skills/garden-co/jazz/review-current-branch/Gen Agent Trust Hub

review-current-branch

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill processes untrusted data from git diffs and repository files, which are then interpolated into the instructions for multiple sub-agents.
  • Ingestion points: The skill ingests the output of git diff main...HEAD and the contents of changed files (via the Read tool) directly into agent prompts.
  • Boundary markers: The prompts for the 'Bug Hunter', 'Performance', 'Simplicity', and 'Integration Test Coverage' agents do not use explicit delimiters (like XML tags or markdown blocks) or instructions to ignore embedded natural language commands within the code being reviewed.
  • Capability inventory: The skill has the capability to spawn sub-agents (via the Agent tool) and read arbitrary local files (via the Read tool).
  • Sanitization: There is no evidence of sanitization or escaping of the diff content before it is passed to the LLM agents.
Audit Metadata
Risk Level
SAFE
Analyzed
May 6, 2026, 05:03 PM