quality-audit
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands via
bashto identify modified files for analysis (e.g.,git diff). This is a functional requirement for its stated purpose of auditing code changes. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes source code files (PHP, JS, TS) which could contain malicious instructions designed to influence the agent's analysis or the behavior of the sub-agent.
- Ingestion points: Local source files identified via Glob and Grep in the
Tier 1andTier 2execution paths. - Boundary markers: The skill does not use explicit boundary markers or instructions to ignore embedded prompts within the analyzed files.
- Capability inventory: The skill can execute shell commands, write files to the local system, and spawn sub-agents via the
Task()interface. - Sanitization: There is no evidence of sanitization or filtering applied to the code content before it is processed or passed into the sub-agent prompt.
Audit Metadata