address-review
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill utilizes git, pnpm, and the GitHub CLI to perform its core functions of fixing code, running tests, and managing issues. These actions are appropriate for the tool's intended use as a developer assistant.
- DATA_EXFILTRATION (SAFE): The skill interacts with GitHub via the gh CLI to create issues. Since GitHub is a whitelisted domain, this is an expected operation.
- PROMPT_INJECTION (SAFE): Indirect prompt injection surface identified. 1. Ingestion points: Code review findings from context or files. 2. Boundary markers: None. 3. Capability inventory: pnpm test, git commit, and gh issue create. 4. Sanitization: Quoted shell heredocs (EOF) prevent simple command injection.
Audit Metadata