Skills
skills/uwe-schwarz/skills/coderabbit-review/Gen Agent Trust Hub

coderabbit-review

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill is designed to ingest and act upon data from an external source (CodeRabbit CLI output). The instructions explicitly direct the agent to "make the necessary changes immediately" for certain types of comments, which could be exploited if the external output is manipulated.
  • Ingestion points: Output from the coderabbit CLI command.
  • Boundary markers: Absent. There are no delimiters or instructions to treat the external feedback as untrusted data.
  • Capability inventory: The skill has access to Bash, Edit, and Write tools, allowing it to execute arbitrary commands and modify the filesystem.
  • Sanitization: Absent. The agent is instructed to perform immediate edits based on external strings without validation or filtering.
  • Command Execution (SAFE): The skill executes the coderabbit CLI. This is the intended primary behavior of the skill and is required for its functionality. However, it relies on the pre-existence of this third-party binary in the environment.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:14 PM