init-review-policy
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE (NO_CODE)
Full Analysis
- [Indirect Prompt Injection] (SAFE): The skill allows for user-provided overrides to be saved in policy files. This is a primary feature for customization and does not pose a threat in this context.
  - Ingestion points: Behavior step 5 allows user input for domain-specific overrides.
  - Boundary markers: Absent, as the input is integrated directly into markdown files.
  - Capability inventory: Local file-write operations to create policy and checklist files.
  - Sanitization: None required for the intended use of generating markdown documentation.
- [Data Exposure & Exfiltration] (SAFE): No patterns for credential exposure or data exfiltration were found.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill contains no code, script downloads, or dynamic execution patterns.