code-reviewer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- PROMPT_INJECTION (LOW): The skill is vulnerable to indirect prompt injection because its primary purpose is to ingest and process untrusted external data (source code and PR metadata). Ingestion points: Source code files, commit messages, and pull request descriptions provided to the agent for review. Boundary markers: Absent; the instructions do not implement delimiters or specific warnings for the agent to ignore instructions embedded within the code under review. Capability inventory: The agent generates assessment reports and references shell commands for execution, which could be influenced by malicious comments in a PR. Sanitization: No input sanitization or validation of the ingested code is specified.
- NO_CODE (SAFE): The provided skill contains only markdown documentation and templates. While 'examples.md' references a 'scripts/review-analyzer.py' for automated analysis, this file was not included in the package and cannot be verified for security issues.
Audit Metadata