Skills
skills/riccardogrin/skills/reviewing-code/Gen Agent Trust Hub

reviewing-code

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local shell commands including git diff to identify code changes and project-specific lint or test commands to verify fixes. These operations are essential for the skill's functionality and are confined to the local repository environment.
  • [PROMPT_INJECTION]: The skill processes untrusted external code which presents an indirect prompt injection surface.
  • Ingestion points: Untrusted code is ingested via git diff output and file reads in the scoping and fixing phases (SKILL.md).
  • Boundary markers: No explicit delimiters or specific 'ignore' instructions are used to wrap the untrusted code content provided to the reviewer subagents.
  • Capability inventory: The agent has the capability to modify files on the local disk (Phase 4) and execute arbitrary shell commands defined by the project's testing configuration.
  • Sanitization: No explicit sanitization of input code is performed; however, the skill's multi-agent loop, independent verification phases, and high confidence threshold (70+) serve as inherent structural safeguards against unintended execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 4, 2026, 10:29 PM