receiving-code-review
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because its primary function is to ingest and act upon untrusted data from 'External Reviewers'.
- Ingestion points: Reviewer feedback is ingested and processed as described in the 'The Response Pattern' and 'Source-Specific Handling' sections of SKILL.md.
- Boundary markers: Absent. There are no instructions to use delimiters or to treat the external feedback strictly as data to prevent the agent from obeying embedded instructions.
- Capability inventory: The agent is authorized to perform codebase searches using grep and execute network requests/write operations via the GitHub API (gh api).
- Sanitization: Absent. No filtering or escaping is applied to the feedback content before it is processed by the agent.
- [COMMAND_EXECUTION]: The skill utilizes the grep utility to check for code usage (YAGNI checks) and the GitHub CLI (gh api) to interact with pull request comments. These are standard developer tools used for their intended purposes.
- [DATA_EXFILTRATION]: The skill interacts with the GitHub API to post replies to pull request comments. This network activity targets a well-known service (GitHub) to perform routine repository management tasks.
Audit Metadata