Skills
skills/thinkfleetai/thinkfleet-engine/code-review/Gen Agent Trust Hub

code-review

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses pip install radon to install a Python package for complexity analysis. This involves downloading code from the public PyPI registry at runtime. The command does not specify a version or use a lockfile, representing an unverified external dependency.
  • [COMMAND_EXECUTION]: The skill executes multiple shell commands including gh (GitHub CLI), grep, awk, and radon. These commands are used to interact with remote repositories and analyze local files, executing with the agent's current privileges.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection attacks.
  • Ingestion points: Untrusted content is ingested from pull requests via gh pr diff and gh pr view in the 'Review a PR' and 'Complexity Analysis' sections.
  • Boundary markers: The skill does not define delimiters or specific instructions to the agent to disregard instructions that might be embedded in the PR diff or description.
  • Capability inventory: The skill has the capability to perform actions on the user's behalf, such as approving PRs or requesting changes using gh pr review and the GitHub API.
  • Sanitization: No sanitization or filtering is applied to the PR content before it is passed to the agent for analysis.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 05:13 AM