requesting-code-review

Pass

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • Prompt Injection (LOW): The template in code-reviewer.md is vulnerable to Indirect Prompt Injection. It ingests potentially untrusted data through the {DESCRIPTION} and {PLAN_REFERENCE} placeholders without utilizing boundary markers or sanitization.
      • Ingestion points: {DESCRIPTION} and {PLAN_REFERENCE} in code-reviewer.md.
      • Boundary markers: Absent; there are no delimiters separating instructions from external data.
      • Capability inventory: Subprocess execution of git diff and git log.
      • Sanitization: None detected.
  • Command Execution (LOW): The skill performs shell command execution using the git utility. Placeholders such as {BASE_SHA} and {HEAD_SHA} are interpolated directly into shell command strings. If these parameters are sourced from untrusted metadata (e.g., in a public pull request scenario), this creates a surface for command injection.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 20, 2026, 07:11 AM