code-review
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes external code and reviewer feedback without explicit sanitization or boundary markers. Malicious instructions embedded in code comments or feedback could potentially influence the agent's behavior. * Ingestion points: Code files accessed via git (SKILL.md) and feedback from external reviewers (references/code-review-reception.md). * Boundary markers: None identified in the provided instructions to separate untrusted data from instructions. * Capability inventory: Shell access (git, grep, tests, builds) and subagent dispatch via the Task tool. * Sanitization: No evidence of escaping or filtering of external content before processing.
- [COMMAND_EXECUTION]: The skill utilizes shell commands to perform its primary function of code analysis and version control management. These are standard operations for the intended use case. * Evidence: Use of git rev-parse, git diff, and grep commands in SKILL.md and references/edge-case-scouting.md.
Audit Metadata