code-quality
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to analyze external codebase content, which inherently introduces an attack surface for indirect prompt injection from untrusted code or comments.
- Ingestion points: Code files, git logs, and test output processed in
SKILL.mdand the debugging/review references. - Boundary markers: Absent; the skill does not define specific delimiters for separating codebase data from instructions.
- Capability inventory: Local execution of
gitcommands and the bisection scriptscripts/find-polluter.sh(which runsnpm test). - Sanitization: None identified; content is processed directly for review and debugging purposes.
- [Command Execution] (SAFE): The skill includes a shell script (
scripts/find-polluter.sh) that executesnpm test. This is an expected and necessary function for a code quality skill intended for local development environments and is properly implemented with variable quoting to prevent trivial injection. - [Data Exposure] (SAFE): Analysis of the skill's instruction set shows it only interacts with project-specific data (source code and git metadata) and does not attempt to access sensitive system paths, credentials, or environment variables.
- [Behavioral Safeguards] (INFO): The skill includes unique safety mechanisms, such as a 'safe-word' phrase ("Strange things are afoot at the Circle K") for the agent to use if it feels uncomfortable with feedback, promoting transparency between the agent and the user.
Audit Metadata