Skills
skills/yigitkonur/skill-devin-review-init/devin-review-init/Gen Agent Trust Hub

devin-review-init

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection. It is designed to ingest data from untrusted sources within the repository to inform its generation logic.
  • Ingestion points: The skill reads REVIEW.md, AGENTS.md, CLAUDE.md, CONTRIBUTING.md, .cursorrules, .windsurfrules, and other *.rules or *.mdc files from the repository being analyzed.
  • Boundary markers: No specific delimiters or "ignore embedded instructions" warnings are defined for the agent to use when reading these files.
  • Capability inventory: The skill uses the agent's underlying capabilities to read files and write new configuration files (REVIEW.md, AGENTS.md).
  • Sanitization: There is no evidence of sanitization or filtering of the content ingested from the existing repository files.
  • [COMMAND_EXECUTION]: The exploration phase of the skill (Phase 1) suggests the use of command-line tools like ls -la and searching through directory structures (docs/, apps/, etc.) to map the repository. While these are read-only exploration commands, they are part of the skill's automated workflow.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 5, 2026, 12:13 PM