Skills
NYC
skills/smithery/ai/code-review/Gen Agent Trust Hub

code-review

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The skill executes git diff to identify code changes in the repository. This is an expected and legitimate operation for a code review tool.
  • [PROMPT_INJECTION] (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) because it processes untrusted source code.
  • Ingestion points: The skill reads file content and diffs from the local environment (SKILL.md).
  • Boundary markers: Absent. The instructions provided to the subagent do not use explicit delimiters or "ignore instructions" warnings to isolate the untrusted code from the analysis logic.
  • Capability inventory: The subagent has the capability to analyze code and generate potentially influential reports.
  • Sanitization: Absent. There is no evidence of sanitization or escaping of the ingested code before it is passed to the LLM agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:44 PM