code-reviewer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill provides a workflow for the agent to ingest and analyze untrusted external source code and pull requests. 1. Ingestion points: File system paths provided as arguments to the scripts in the
scripts/directory. 2. Boundary markers: Absent; no specific instructions or delimiters are used to differentiate analyzed code from agent instructions. 3. Capability inventory: The included scripts (pr_analyzer.py,code_quality_checker.py,review_report_generator.py) are currently stubs that check for file existence but are intended to read and process external file content. 4. Sanitization: No sanitization or escaping of the ingested code content is performed.
Audit Metadata