review-implementation
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands to execute development tools such as `cargo`, `git`, `eslint`, and `vulture` to audit code quality and verify implementation. These are expected behaviors for a review-oriented skill.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it reads and analyzes untrusted data from the codebase being reviewed.
  - Ingestion points: Reads source code files from `src/` and `tests/` directories and task specifications via `bd show`.
  - Boundary markers: No specific delimiters or safety instructions are used to separate the code content from the agent's internal instructions.
  - Capability inventory: Capable of executing shell commands, reading filesystem content, and triggering subsequent automated workflow steps.
  - Sanitization: The skill does not perform sanitization or filtering of the file content before interpreting it for review findings.
Audit Metadata