code-review-expert
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The workflow involves running local commands like `git status`, `git diff`, and `rg` to analyze the repository's current state and identify changes. These commands are essential for the skill's functionality and are executed in a local context.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection because it processes untrusted code and diffs. This is a characteristic of code review tools rather than a specific vulnerability in the skill's logic.
- Ingestion points: Code changes and search results retrieved via git and ripgrep.
- Boundary markers: Not explicitly present in the provided instructions.
- Capability inventory: Execution of local repository analysis tools.
- Sanitization: No specific filtering or escaping is defined for the content being analyzed.
Audit Metadata