code-review
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides a detailed and benign framework for code analysis. No indicators of prompt injection, data exfiltration, or malicious intent were discovered in the metadata or the instructions.
- [INDIRECT_PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because its core function involves processing untrusted source code while having access to the Bash tool.
  * Ingestion points: Reads external files via Read, Grep, and Glob tools.
  * Boundary markers: The prompt does not define specific delimiters for separating user-provided code from instructions.
  * Capability inventory: Access to the Bash tool is allowed, which represents a significant capability.
  * Sanitization: No explicit code sanitization or filtering is mentioned.