coderabbit-review
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION] (HIGH): The skill transmits the local codebase, including uncommitted and committed changes, to an external third-party service (CodeRabbit) over the internet.
- [PROMPT_INJECTION] (HIGH): High risk of Indirect Prompt Injection as the agent processes untrusted feedback from an external API and is explicitly instructed to modify local files based on that feedback.
  1. Ingestion points: Output from the coderabbit CLI tool, which receives data from an external API.
  2. Boundary markers: Absent; there are no delimiters or instructions for the agent to ignore embedded commands within the review feedback.
  3. Capability inventory: Local file-write and code modification (to fix identified issues).
  4. Sanitization: Absent; no validation or escaping of the external feedback is performed before the agent acts on it.
- [COMMAND_EXECUTION] (MEDIUM): The skill executes external CLI commands using the coderabbit binary, which is a required external dependency.
Recommendations
- AI detected serious security threats
Audit Metadata