codex-review-workflow
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE (tags: NO_CODE, PROMPT_INJECTION)
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill's primary function of reviewing and fixing code creates a vulnerability surface for indirect prompt injection.
  - Ingestion points: Untrusted source code files processed by the iterative review cycle (referenced in the manifest.yaml description).
  - Boundary markers: No delimiters or "ignore embedded instructions" warnings are defined within the manifest.yaml configuration.
  - Capability inventory: The manifest explicitly declares modifies_files and creates_artifacts as side effects of the workflow.
  - Sanitization: No sanitization, escaping, or validation logic for the ingested code is specified in the manifest configuration.
- [No Executable Code] (SAFE): The provided manifest.yaml is a configuration file containing metadata and does not include scripts, binaries, or commands for external package installation.
Audit Metadata