Skills
skills/keboola/ai-kit/review-component/Gen Agent Trust Hub

review-component

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface.
  • Ingestion points: The agent is instructed to read and analyze untrusted content from the repository, including git diff output and project files like CLAUDE.md or pyproject.toml (identified in SKILL.md).
  • Boundary markers: The instructions lack specific boundary markers or requirements to ignore instructions embedded within the data being reviewed.
  • Capability inventory: The agent uses Bash, Glob, Grep, and Read tools, which provide a wide range of actions that could be triggered by malicious code.
  • Sanitization: No sanitization or validation methods for the ingested code are specified.
  • [COMMAND_EXECUTION]: The skill relies on the Bash tool to execute commands for repository inspection and analysis, such as git diff.
  • [EXTERNAL_DOWNLOADS]: The skill references the keboola/cookiecutter-python-component GitHub repository as an authoritative template source. This is a verified resource from the vendor 'keboola'.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 5, 2026, 10:34 AM