requesting-code-review

Pass

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (LOW): The reviewer subagent processes untrusted data, including code diffs and implementation descriptions, which could contain instructions to influence the review verdict.
    1. Ingestion points: {WHAT_WAS_IMPLEMENTED}, {PLAN_OR_REQUIREMENTS}, and the output of git diff.
    2. Boundary markers: Uses markdown headers in code-reviewer.md but lacks instructions to ignore embedded commands in diffs.
    3. Capability inventory: Executes git diff and git rev-parse commands.
    4. Sanitization: No sanitization or escaping of input variables is defined.
  • [Command Execution] (LOW): The template in code-reviewer.md uses placeholders ({BASE_SHA}, {HEAD_SHA}) directly in shell commands. If an attacker can influence these values (e.g., through a malicious pull request description parsed by an agent), it could lead to command injection.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 20, 2026, 06:05 AM