code-review
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): No external downloads or remote dependencies are defined. The skill uses only the Python standard library.
- [COMMAND_EXECUTION] (SAFE): The check_style.py script performs string-based heuristic analysis on code. It does not use subprocess, os.system, eval, or exec.
- [DATA_EXFILTRATION] (SAFE): There are no network calls (requests, urllib) or sensitive file access patterns detected.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill is designed to process untrusted source code provided by users, which is a potential surface for indirect injection if the code contains malicious instructions in comments.
  - Ingestion points: User-provided code is passed to check_style.py and subsequently analyzed by the agent.
  - Boundary markers: Absent; the agent is not explicitly told to ignore instructions embedded within the code comments.
  - Capability inventory: None; the skill lacks network, file-write, or system execution capabilities.
  - Sanitization: None; code is treated as raw text.
Audit Metadata