Skills
skills/proffesor-for-testing/sentinel-api-testing/sherlock-review/Gen Agent Trust Hub

sherlock-review

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • Indirect Prompt Injection (SAFE): The skill is designed to process untrusted data such as pull request descriptions, commit messages, and code diffs.
  • Ingestion points: Processes external data via git diff, git log, and PR descriptions in SKILL.md.
  • Boundary markers: Uses structured markdown templates for investigations but does not include explicit instructions to ignore embedded prompts in reviewed data.
  • Capability inventory: References the use of shell commands like git and npm test for evidence gathering.
  • Sanitization: No explicit sanitization of reviewed content is defined, which is standard for an investigative tool where the user/agent is expected to interpret the data critically.
  • Command Execution (SAFE): The skill suggests the use of standard development commands (git, npm test). These are consistent with the skill's primary purpose of code review and are not used for malicious privilege escalation or persistence.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:41 PM