skills/luongnv89/skills/code-review/Gen Agent Trust Hub

code-review

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses several git commands (git fetch, git pull, git diff, git log) and shell utilities (xargs, sort, uniq) to synchronize with the remote and identify files for review. These commands are necessary for the skill's primary function and are performed on the local repository context.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted source code and git metadata.
    • Ingestion points: Reading source files and git diff output during the review process (SKILL.md).
    • Boundary markers: Absent. The skill does not use specific delimiters or instructions to separate user code from agent instructions.
    • Capability inventory: Execution of local git commands and filesystem writes for report generation.
    • Sanitization: Absent. The code and diffs are analyzed directly without filtering for potential injection patterns.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 11, 2026, 10:43 PM