code-review
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands such as `git diff`, `npm run test`, and `make check` to determine the scope of changes and verify code quality.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface.
  - Ingestion points: untrusted data enters the context via PR descriptions, linked issues, task specifications, and file diffs.
  - Boundary markers: the skill lacks explicit delimiters or instructions to ignore embedded commands in the data being reviewed.
  - Capability inventory: the agent is authorized to run subprocesses such as `npm run test` and `make check`.
  - Sanitization: there is no mention of validating or escaping scripts within configuration files like `package.json` or `Makefile` before they are executed. A malicious codebase could leverage these scripts to perform unauthorized actions when the agent performs a review.
Audit Metadata