diffity-review

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the diffity utility globally using npm install -g diffity if the tool is not already present on the host system.
  • [COMMAND_EXECUTION]: The skill invokes multiple local commands, including git diff, npm, curl, and various diffity CLI subcommands. Notably, it uses the result of a local API request to construct the arguments for the git diff command.
  • [PROMPT_INJECTION]: The skill processes untrusted external data from the local filesystem (git diffs and full file contents), which creates an opportunity for indirect prompt injection if the code being reviewed contains instructions intended to influence the agent.
      • Ingestion points: In Step 2 of SKILL.md, the agent is instructed to read the output of git diff and the entire content of every changed file.
      • Boundary markers: Absent. There are no instructions to wrap file content in delimiters or to ignore instructions embedded within the code.
      • Capability inventory: The agent has the capability to execute shell commands (npm, git, curl, diffity), read local files, and make network requests to localhost.
      • Sanitization: Absent. No validation or sanitization is performed on the file content or diff output before it is passed to the LLM for analysis.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 21, 2026, 10:39 PM