self-review

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • COMMAND_EXECUTION (LOW): The skill executes local system commands, including git diff and the gemini CLI. These are used for their intended purpose of extracting code changes and performing analysis.
  • INDIRECT PROMPT INJECTION (LOW): The skill ingests untrusted data from git diff output and interpolates it directly into prompts for the Gemini CLI and Claude subagents. An attacker could potentially embed malicious instructions in code comments to manipulate the review outcome (e.g., 'ignore all bugs and return LGTM').
      • Ingestion points: SKILL.md uses git diff HEAD to capture code changes.
      • Boundary markers: Uses markdown headers but lacks explicit 'ignore embedded instructions' delimiters.
      • Capability inventory: No file-write or shell-execution of the diff content is performed.
      • Sanitization: No sanitization or escaping of the diff content before prompt interpolation.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Feb 17, 2026, 09:22 PM