refining
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes local developer tools such as
git, the GitHub CLI (gh), and the GitLab CLI (glab) to perform its functions. These operations include checking staged changes, creating commits, and submitting pull/merge requests, which are standard for a code-refining tool. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes code changes from potentially untrusted sources to generate summaries. This risk is inherent to its primary purpose as a code review assistant. The skill documentation includes checklists to help identify security issues in the code it reviews.
- Ingestion points: File content and git metadata accessed via
git diffandgit log. - Boundary markers: No explicit delimiters are specified for the untrusted code content being analyzed.
- Capability inventory: The skill uses
git commit,gh pr create, andglab mr createto interact with the repository and remote platforms. - Sanitization: No specific sanitization or validation of the ingested code content is performed prior to prompt interpolation.
Audit Metadata