review
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security risks were detected. The skill automates a legitimate development workflow using standard shell commands and local file access.
- [COMMAND_EXECUTION]: The skill uses `git`, `grep`, and `bash` to identify changes and search for specific patterns. These tools are used appropriately for code analysis and do not involve executing untrusted input as commands.
- [PROMPT_INJECTION]: The skill processes code diffs which are external inputs. While this presents an 'Indirect Prompt Injection' surface, the risk is mitigated by the design of the workflow.
  - Ingestion points: The `git diff` output is read into the agent context (SKILL.md).
  - Boundary markers: None explicitly defined to separate code data from instructions.
  - Capability inventory: The agent has `Edit` and `Write` tools to modify the codebase (SKILL.md).
  - Sanitization: The skill requires an `AskUserQuestion` confirmation for every fix, placing a human in the loop before any data-driven actions are taken.
Audit Metadata