receiving-code-review
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE, PROMPT_INJECTION, NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill establishes an indirect prompt injection surface through its instructions for processing external feedback.
  1. Ingestion points: Reviewer feedback from external partners.
  2. Boundary markers: The skill encourages logical gates like 'Verify' and 'Evaluate' but lacks technical delimiters for untrusted input.
  3. Capability inventory: The agent is authorized to perform codebase searches (grep) and code implementation (file writing).
  4. Sanitization: No explicit input sanitization or filtering of reviewer feedback is defined.
- [NO_CODE]: This skill consists entirely of instructional markdown content and does not package any executable code, scripts, or binaries.
Audit Metadata