frontend-code-review
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE NO_CODE
Full Analysis
- [Prompt Injection] (SAFE): The instructions are strictly focused on code review workflows and do not contain bypasses, role-play instructions, or attempts to extract system prompts.
- [Data Exposure & Exfiltration] (SAFE): No sensitive file paths, hardcoded secrets, or network exfiltration patterns (like curl or fetch) were found.
- [Indirect Prompt Injection] (LOW): As a code review tool, the skill naturally ingests untrusted code. This creates a surface for indirect prompt injection where malicious instructions could be hidden in the code being reviewed. However, the skill provides no dangerous capabilities (like shell execution) to exploit, and this risk is inherent to the skill's primary function.
- [No Code] (SAFE): The skill is entirely documentation-based (Markdown) and does not include any Python, JavaScript, or shell scripts that could execute logic on the host system.
Audit Metadata