code-review
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell commands such as
git status,git diff, andnpx tsc --noEmit. It also attempts to run alintscript if one is defined in the project'spackage.json. These are legitimate and expected operations for a code-review tool. - [PROMPT_INJECTION]: The skill processes untrusted input in the form of source code and git diffs, which is a surface for indirect prompt injection. Ingestion points: Source code files and git diff output are read into the agent context. Boundary markers: No explicit delimiters or instructions are provided to separate user-provided code from the agent's core instructions. Capability inventory: The skill has access to file system reading and shell command execution. Sanitization: Content is analyzed directly without pre-processing or sanitization.
Audit Metadata