code-review

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes internal bash scripts located in the scripts/ directory, such as review-run.sh and review-read.sh, to perform code scans and display results.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes the CodeRabbit CLI, which is a well-known third-party tool for code review automation.
  • [DATA_EXFILTRATION]: Local source code is transmitted to the external CodeRabbit service for analysis. This is a core feature of the skill's integration.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from local code files which could contain embedded instructions (Indirect Prompt Injection).
    1. Ingestion points: Uncommitted files or branch diffs processed by the scripts.
    2. Boundary markers: No delimiters or warnings are specified in the provided documentation.
    3. Capability inventory: Subprocess calls to bash scripts and network communication with the CodeRabbit API.
    4. Sanitization: No sanitization or validation of the ingested code content is mentioned in the skill definition.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 25, 2026, 01:11 AM