Skills
skills/mgratzer/forge/forge-reflect/Gen Agent Trust Hub

forge-reflect

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local development tools including git and gh to identify code changes and fetch PR details. It also runs project-defined quality gates such as linting and testing scripts as specified in Step 1 and Step 3.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from code diffs and PR descriptions which could contain instructions to influence the agent.
  • Ingestion points: Reads data via git diff and gh pr view in Step 1.
  • Boundary markers: The skill does not implement explicit boundary markers or instructions to ignore embedded prompts within the diff content.
  • Capability inventory: The agent has the capability to execute arbitrary shell commands (via tests), modify local files (applying fixes), and interact with the GitHub API (creating issues).
  • Sanitization: No sanitization is performed on the ingested code content before it is processed by the review agents.
Audit Metadata
Risk Level
SAFE
Analyzed
May 5, 2026, 12:05 PM