requesting-code-review

Warn

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The template in code-reviewer.md uses string interpolation to build shell commands: git diff --stat {BASE_SHA}..{HEAD_SHA} and git diff {BASE_SHA}..{HEAD_SHA}. This pattern is vulnerable to command injection if the SHA variables contain shell metacharacters or are sourced from untrusted input.
  • [PROMPT_INJECTION]: The skill processes untrusted input through placeholders like {DESCRIPTION} and {PLAN_REFERENCE} in code-reviewer.md without safety markers.
      • Ingestion points: Input variables in code-reviewer.md from external implementation descriptions and plans.
      • Boundary markers: No delimiters or "ignore instructions" warnings are present to distinguish system instructions from external data.
      • Capability inventory: Execution of shell-based git commands and making critical decisions on code merge readiness.
      • Sanitization: No input validation or escaping is applied to the data before it is inserted into the prompt.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 1, 2026, 12:35 PM