linus-tech-review
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): No malicious code or command execution patterns were detected. The skill's primary function is to provide structured technical critiques based on a specific persona.
- Indirect Prompt Injection (LOW): This skill has an attack surface for indirect prompt injection as it is designed to ingest and analyze external code or technical proposals.
- Ingestion points: Reads
git diffand project files as described inSKILL.md. - Boundary markers: None explicitly defined to separate code-under-review from instructions.
- Capability inventory: No scripts or dangerous capabilities (no network, no file writes, no subprocess calls) are present in the skill files.
- Sanitization: No input sanitization is mentioned; however, since the skill performs no actions beyond text generation, the risk is negligible.
- Remote Code Execution (SAFE): No external dependencies, package managers, or remote script downloads are utilized.
- Data Exposure & Exfiltration (SAFE): The skill does not access sensitive system paths or credentials, nor does it contain network operations to exfiltrate data.
Audit Metadata