code-review
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes several project-specific shell scripts including
./scripts/hooks/lint.sh,./scripts/generate-openapi.sh,./scripts/generate-clients.sh, and./scripts/release-integration.sh. These executions are central to the skill's purpose of automating repository maintenance and validation tasks. - [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes untrusted data from the local repository environment.
- Ingestion points: The agent reads file contents and metadata through
git diffandgit logcommands to perform its review. - Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore potentially malicious content embedded within the code or commit messages being reviewed.
- Capability inventory: The skill can execute arbitrary shell scripts located in the
./scripts/directory and perform various git operations. - Sanitization: The skill does not implement sanitization or validation logic for the code changes it inspects before processing them.
Audit Metadata