commit-review
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes
git diff --cached --name-onlyandgit diff --cachedto retrieve source code changes for its review process. These commands are essential for the primary functionality but involve interacting with the system shell. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted data from git repositories. A malicious actor could include specific instructions in code comments to manipulate the agent's review output or behavior.
- Ingestion points: File content and change sets retrieved via
git diff. - Boundary markers: The skill does not define specific delimiters or provide instructions to the model to ignore embedded commands in the reviewed code.
- Capability inventory: The skill is designed to read file changes but does not include explicit network or file-writing operations in its logic.
- Sanitization: No sanitization or escaping is performed on the code content before it is processed by the agent.
Audit Metadata