Requesting Code Review

Pass

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION] (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8) as it processes untrusted data from the codebase being reviewed.
      • Ingestion points: The subagent in code-reviewer.md ingests code content via git diff output and the {WHAT_WAS_IMPLEMENTED} input variable.
      • Boundary markers: Absent. The template does not use clear delimiters or specific instructions to the agent to treat the diff content as data only and ignore any embedded commands.
      • Capability inventory: The subagent can execute shell commands (git diff) and generate reports that influence the development workflow.
      • Sanitization: No sanitization or validation is performed on the code content or the commit SHAs provided to the subagent.
  • [COMMAND_EXECUTION] (SAFE): The skill uses local git commands (git rev-parse, git diff) to identify and analyze changes between commits. This behavior is necessary for the skill's primary purpose and does not involve downloading or executing remote scripts.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 20, 2026, 08:51 AM