clean-code-reviewer

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to ingest and analyze untrusted source code provided by users.
      • Ingestion points: Source code files provided by the user are read by the agent and analyzed by the pre-review.py script.
      • Boundary markers: The instructions do not specify the use of delimiters or 'ignore' warnings when the agent processes the user's code content, which could allow malicious instructions in comments to influence behavior.
      • Capability inventory: The agent has the capability to read local files and execute the pre-review.py helper script.
      • Sanitization: No sanitization or filtering of the input code is performed before analysis to mitigate potential prompt injection attempts.
  • [COMMAND_EXECUTION]: The scripts/pre-review.py file executes an external command as part of its analysis workflow.
      • Evidence: The script uses subprocess.run to call the ruff linter on the target file. While this is an intended feature of the skill to provide automated feedback, it involves executing a CLI tool from a script included in the skill package.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 6, 2026, 09:18 AM