multi-review
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted code changes, which could contain malicious instructions. It mitigates this risk by using explicit boundary delimiters and by instructing sub-agents to treat the code content strictly as data, following security best practices for handling untrusted input.
- [COMMAND_EXECUTION]: The skill utilizes local system commands like `git diff` and `mktemp` to retrieve code and manage temporary files. These operations are limited to the skill's primary function of code analysis and do not present an escalation risk.
Audit Metadata