Skills
skills/ibrahim-3d/conductor-orchestrator-superpowers/requesting-code-review/Gen Agent Trust Hub

requesting-code-review

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands like git rev-parse, git log, and git diff to identify commit SHAs and retrieve code changes for review.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection where malicious instructions could be embedded in the code diffs processed by the subagent.
  • Ingestion points: The subagent processes output from git diff as specified in the code-reviewer.md template.
  • Boundary markers: No explicit delimiters or safety instructions are used to wrap the code content in the review template to distinguish it from reviewer instructions.
  • Capability inventory: The agent has the capability to execute git commands and perform subagent task dispatching based on the data processed.
  • Sanitization: No sanitization or filtering of the code content is performed before it is presented to the LLM.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 03:30 AM