local-review
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes 'npm test' and the 'kspec' CLI tool (a vendor-specific resource) to execute local tests and validate repository state. These commands are core to the skill's function and do not appear to be used maliciously.
- [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection by processing data from git logs, diffs, and source code comments to identify review targets.
- Ingestion points: Processes commit messages via 'git log' and code changes via 'git diff' as described in 'SKILL.md'.
- Boundary markers: No explicit delimiters are specified to isolate ingested external data from the agent's internal instructions.
- Capability inventory: Performs subprocess execution of 'git', 'grep', 'jq', and 'npm' across multiple steps in 'SKILL.md'.
- Sanitization: There is no visible sanitization of data extracted from the repository before it is used to drive discovery and search logic.
Audit Metadata