code-review
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to ingest and analyze external data (source code and git diffs) which may contain adversarial instructions intended to influence the agent's behavior during the review process.
- Ingestion points: Local file content and version control metadata accessed via the git diff, cubic review, and amp review commands.
- Boundary markers: The skill instructions do not specify any delimiters (e.g., XML tags or triple quotes) or 'ignore' instructions to separate untrusted code from the agent's system prompt.
- Capability inventory: The skill utilizes shell command execution for the git, cubic, and amp tools.
- Sanitization: No sanitization or validation of the code content or file paths is defined within the skill workflow.
Audit Metadata