Skills
skills/zhanlincui/agent-skills-hunter/requesting-code-review/Gen Agent Trust Hub

requesting-code-review

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes local git commands (git rev-parse, git log, git diff) to extract commit information and code changes. These are standard operations for a development-focused skill.\n- [PROMPT_INJECTION]: The review template in code-reviewer.md represents a surface for indirect prompt injection by interpolating code and plan data into the prompt context.\n
  • Ingestion points: Data is incorporated via {WHAT_WAS_IMPLEMENTED}, {PLAN_OR_REQUIREMENTS}, and {DESCRIPTION} placeholders in code-reviewer.md.\n
  • Boundary markers: The template does not utilize specific delimiters or instructions to ignore embedded commands within the reviewed content.\n
  • Capability inventory: The skill has the ability to execute shell commands via the git CLI.\n
  • Sanitization: There is no evidence of sanitization or escaping of the input data before interpolation.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 12, 2026, 02:59 AM