receiving-code-review
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No malicious overrides, safety bypasses, or instructions to ignore previous rules were detected. The skill focuses on professional and technical constraints for code reviews.
- [DATA_EXFILTRATION]: No evidence of credential exposure or unauthorized data transmission was found. The use of the GitHub CLI for communication is within the scope of code review tasks.
- [INDIRECT_PROMPT_INJECTION]: The skill manages feedback from external reviewers, which constitutes an untrusted data surface. It proactively addresses this risk by mandating technical skepticism and verification before any suggestions are adopted. * Ingestion points: External code review feedback (SKILL.md). * Boundary markers: The skill establishes a structured response pattern and verification checklist to process input. * Capability inventory: Potential interaction with GitHub API for replying to comments. * Sanitization: Relies on technical evaluation, YAGNI checks, and reasoning as a filter for external input.
Audit Metadata