sdd-review

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes content from external project files and source code.
      • Ingestion points: Reads docs/project.md, feature.md, plan.md, and codebase files identified via git.
      • Boundary markers: No explicit delimiters or instructions are provided to the agent to treat external file content as untrusted data or to ignore embedded instructions.
      • Capability inventory: Generates detailed reports and suggests code fixes based on analyzed files; utilizes shell commands for file discovery.
      • Sanitization: No input validation or content filtering is implemented for the ingested data.
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands to resolve the scope of the code review.
      • Evidence: git diff main...HEAD --name-only (SKILL.md).
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 29, 2026, 04:24 AM