code-review
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the agent to run various shell commands to synchronize the local environment with the remote repository and identify files for review.
- Evidence: SKILL.md contains instructions to execute git fetch, git pull, and a pipeline involving git log and xargs to locate frequently modified files.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted source code which may contain malicious instructions designed to manipulate the agent's review output.
- Ingestion points: Source code files and git diffs accessed via commands in SKILL.md (Review Modes).
- Boundary markers: Absent; there are no specific delimiters or instructions used to isolate code content from the agent's task instructions.
- Capability inventory: The skill has the capability to read files and execute git commands as defined in SKILL.md.
- Sanitization: No sanitization or validation of the ingested code content is performed prior to analysis.
Audit Metadata