review-perf
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes git diff --cached --name-only to programmatically retrieve the list of files that have been staged for a commit. This is a standard operation for developer tools integrated with version control systems.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes external, untrusted source code.
  - Ingestion points: Source code files retrieved from conversation context, Git staged changes, or codebase-wide globbing.
  - Boundary markers: None detected; the skill does not wrap the code in specific delimiters or provide instructions to ignore embedded directives within comments.
  - Capability inventory: Read-only access to codebase files and report generation. No destructive or network-facing capabilities are utilized.
  - Sanitization: None; the agent processes the raw text of the codebase to perform its analysis.
Audit Metadata