diffity-resolve

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructions include a step to install the 'diffity' CLI tool globally using 'npm install -g diffity' if it is not found on the user's path.
  • [COMMAND_EXECUTION]: The skill relies on executing various 'diffity' CLI commands, such as 'diffity agent list', 'diffity agent resolve', and 'diffity agent reply', to interact with the review session and manage comment threads.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it processes review comments from an external JSON source and instructs the agent to interpret the intent and make the requested changes. This could be exploited by an attacker providing malicious instructions within a comment body to trigger unintended code changes or agent actions.
      • Ingestion points: JSON output from 'diffity agent list --status open --json' (SKILL.md).
      • Boundary markers: None identified.
      • Capability inventory: Use of the 'Edit tool' for file modification and 'diffity' CLI for state management (SKILL.md).
      • Sanitization: None identified; the agent is instructed to follow the intent of the comments directly.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 31, 2026, 11:43 AM