review-hgsc
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it is designed to analyze untrusted data from source code and git diffs without adequate security measures.
  - Ingestion points: Data is ingested from user-provided file paths, directories, and git diff outputs (staged/unstaged) via the $ARGUMENTS variable.
  - Boundary markers: The instructions lack specific requirements for boundary markers or explicit prompts telling the agent to ignore instructions embedded within the code it is reviewing.
  - Capability inventory: The skill requires the ability to read arbitrary local files and execute git commands to perform its primary function of code review.
  - Sanitization: There is no evidence of input validation or sanitization to prevent malicious code comments from influencing the agent's behavior.
Audit Metadata