Skills
skills/nesnilnehc/ai-cortex/review-diff/Gen Agent Trust Hub

review-diff

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to ingest and interpret git diff content, which may contain malicious instructions embedded within code comments or metadata.
  • Ingestion points: The skill accepts git diff (staged and unstaged) as its primary input, as defined in the input_schema of SKILL.md.
  • Boundary markers: There are no explicit delimiters or specific instructions provided to the agent to distinguish between the skill's instructions and potentially adversarial commands embedded within the diff content.
  • Capability inventory: The skill generates a findings list and lacks dangerous capabilities like arbitrary command execution, network access, or file modification within its own logic.
  • Sanitization: There is no evidence of sanitization or filtering of the input diff data before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 7, 2026, 05:41 AM