code-review
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
NO_CODE
Full Analysis
- No Executable Content: The skill is composed entirely of markdown-based instructions and does not ship with any scripts, binary files, or system commands.
- Indirect Prompt Injection Surface: The skill is designed to process and analyze external data such as code snippets, PRs, and diffs (Ingestion point: SKILL.md). The skill mentions no explicit boundary markers or sanitization instructions (Absent), but its capability inventory shows no access to the file system, network, or code execution environments (Capability inventory: None). This lack of privileges ensures that even if malicious instructions were present in the analyzed data, the agent would have no means to execute them, rendering the surface safe.
Audit Metadata