fix-review
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes system tools such as git, gh (GitHub CLI), and grep to perform code analysis and version control operations. These are standard tools for development and security auditing workflows.
- [PROMPT_INJECTION]: The skill includes 'Iron Laws' and 'MANDATORY' instructions to ensure audit thoroughness. These represent natural instructional directives for the domain and do not attempt to bypass safety filters. This category also covers the indirect prompt injection surface: the skill ingests untrusted data from git diffs and reports. Ingestion points: findings-report.md and git commands; boundary markers: absent; capability inventory: Bash, Write, and Grep tools; sanitization: not explicitly defined for the ingested code.
- [EXTERNAL_DOWNLOADS]: The skill references resources from Trail of Bits, a well-known and trusted security organization. These references are used for documentation and methodology attribution.