Skills
skills/topshark-jim/gstack/review/Gen Agent Trust Hub

review

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes shell commands including git branch, git fetch, and git diff to retrieve repository metadata and code changes for the review process.
  • [PROMPT_INJECTION]: The skill processes untrusted input from git diffs, which presents a surface for indirect prompt injection where an attacker could embed instructions in comments or code to influence the agent's review logic.
  • Ingestion points: Reads untrusted code changes via git diff origin/main as specified in SKILL.md.
  • Boundary markers: Absent; the workflow does not employ delimiters or specific instructions to ignore embedded commands within the diff content.
  • Capability inventory: Executes git commands and can modify local files if the user selects a "Fix it now" option (SKILL.md).
  • Sanitization: None; the agent operates directly on the raw diff output without filtering or validation.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 14, 2026, 06:44 PM