code-review-assistant
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- PROMPT_INJECTION (SAFE): The instructions provide guidance on code review behavior and prefixes. There are no attempts to bypass safety filters or override system instructions.
- DATA_EXPOSURE (SAFE): No hardcoded credentials or sensitive file paths were detected. The skill only references documentation files within the project structure.
- REMOTE_CODE_EXECUTION (SAFE): There are no commands to download or execute external scripts. The GitHub link provided is for attribution and documentation purposes.
- INDIRECT_PROMPT_INJECTION (LOW): The skill reads the project's
CONTRIBUTING.mdfile to determine configuration settings. While this is an ingestion of untrusted data, the skill has no dangerous capabilities (like file writing or network access) to exploit, and the logic is limited to identifying specific text sections.
Audit Metadata