cy-review-round
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes standard local development commands such as
git difffor change discovery andmake lintfor code quality filtering. It also references a local verification utility,cy-final-verify. These operations are consistent with the tool's purpose as a code review and auditing assistant. - [INDIRECT_PROMPT_INJECTION]: The skill processes external content from the repository, including source code, PRDs, and technical specs. This provides a surface for indirect prompt injection where maliciously crafted content could attempt to influence the agent's logic.
- Ingestion points: The agent reads various implementation files and documentation from the
.compozy/tasks/directory and the wider repository (SKILL.md, Steps 2 and 3). - Boundary markers: None explicitly defined; the instructions direct the agent to read the full content of the files.
- Capability inventory: Includes the ability to read and write files within the project structure and execute local shell commands like
makeandgit. - Sanitization: There is no mention of sanitizing or validating the content read from the repository files before processing.
Audit Metadata