review-script
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection as it ingests untrusted code from files and performs analysis/modifications based on that content.
- Ingestion points: Step 1 (Load Script(s)) reads external file content from user-specified paths.
- Boundary markers: Absent. No specific delimiters or instructions are provided to help the agent distinguish between code to be reviewed and potential malicious instructions within that code.
- Capability inventory: File system access for reading (Step 1) and writing/updating files (Step 6
- 'Offer to Apply Fixes').
- Sanitization: Absent. The skill does not include steps to sanitize, escape, or validate script content before it is processed by the LLM.
Audit Metadata