inquisitor
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes git commands such as `git diff` and `git merge-base` using branch names or commit SHAs. In its standalone mode, these values can be user-specified, which creates a surface for command injection if the input is not sanitized before being interpolated into shell commands.
- [REMOTE_CODE_EXECUTION]: The skill's primary function involves generating, writing, and executing new test scripts at runtime. It also includes a 'Fixer' subagent that has the capability to modify production source code to resolve failing tests, representing a high-privilege dynamic execution workflow.
- [PROMPT_INJECTION]: The skill analyzes implementation diffs, which are external data sources that could contain indirect prompt injections. Maliciously crafted code or comments within a diff could theoretically attempt to influence the Inquisitor's analysis or the Fixer's code modifications.
Audit Metadata