skills/sebas-aikon-intelligence/antigravity-awesome-skills/receiving-code-review/Gen Agent Trust Hub
receiving-code-review
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH; PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- PROMPT_INJECTION (HIGH): The skill is highly vulnerable to Indirect Prompt Injection (Category 8) because it processes feedback from 'External Reviewers' that can influence agent actions.
  * Ingestion points: External reviewer comments as defined in SKILL.md.
  * Boundary markers: Absent; there are no technical delimiters to isolate external input from the agent's logic.
  * Capability inventory: The agent is permitted to 'Implement' changes (file writes), run 'grep' on the codebase, and call 'gh api' for GitHub interactions.
  * Sanitization: None; reliance on 'technical evaluation' is insufficient against adversarial instructions.
- COMMAND_EXECUTION (MEDIUM): The skill directs the agent to use shell-based tools like 'grep' and the GitHub CLI ('gh api') to fulfill its tasks. These tools represent powerful capabilities that could be abused if the agent is successfully injected with malicious parameters from a review comment.
Recommendations
- AI detected serious security threats
Audit Metadata