code-review
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill instructions are aligned with its stated purpose of improving code quality through review.
- [PROMPT_INJECTION]: The skill uses instructional language such as 'CRITICAL: Don't trust documentation' to emphasize thoroughness, but these are task-oriented guidelines and do not attempt to bypass agent safety filters or override system-level constraints.
- [DATA_EXFILTRATION]: The skill uses read-only file system tools (
Read,Grep,Glob). It does not include network-enabled commands or tools that could be used to transmit data externally. - [REMOTE_CODE_EXECUTION]: There are no patterns indicating the download or execution of remote scripts. All operations are local and limited to inspection.
- [COMMAND_EXECUTION]: The toolset is restricted to file inspection. There is no evidence of arbitrary shell command execution, subprocess spawning, or system configuration modification.
Audit Metadata