review-task
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a legitimate orchestration pattern using internal agent capabilities to execute local assessment scripts. No evidence of obfuscation, hardcoded credentials, or unauthorized network exfiltration was found.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests content from task files to perform quality assessments. 1. Ingestion points: Reads the full content of task files located at .claude/tasks/{task-id}.md. 2. Boundary markers: Relies on markdown headers (e.g., '## Acceptance Criteria') for parsing and uses specific markers to delimit its own '## Quality Review' section. 3. Capability inventory: Authorized to read/write project files and execute local quality skills via an internal orchestration tool. 4. Sanitization: Content from task files is summarized and synthesized without explicit sanitization or filtering of potential instructions embedded in implementation records or criteria.
Audit Metadata