sherlock-review

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because its primary function is to ingest and analyze untrusted content from version control systems and pull request metadata.
      • Ingestion points: The SKILL.md file outlines a process for gathering evidence from git diff and PR descriptions.
      • Boundary markers: There are no explicit instructions to treat the analyzed code or claims as untrusted data or to use specific delimiters to separate data from instructions.
      • Capability inventory: The skill context includes the ability to execute shell commands such as git and npm and to interact with task management systems.
      • Sanitization: The provided files do not include mechanisms for sanitizing or escaping content retrieved from external sources before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 11, 2026, 08:48 PM