sslb
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (Category 8) as it is designed to process and analyze untrusted external data (code files and git diffs).
- Ingestion points: The skill reads content from user-provided file paths, directories, or git diff outputs as specified in the '审查范围' (Review Scope) section of SKILL.md.
- Boundary markers: There are no explicit boundary markers or instructions to ignore embedded commands within the code being analyzed.
- Capability inventory: The skill's primary capability is generating structured text-based review conclusions; it does not explicitly invoke shell commands, network operations, or file system writes within the provided instructions.
- Sanitization: No input validation or sanitization routines are defined to handle malicious instructions embedded in the reviewed code.
Audit Metadata