code-review-assistant
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW (PROMPT_INJECTION)
Full Analysis
- [PROMPT_INJECTION] (LOW): Susceptibility to Indirect Prompt Injection.
- Ingestion points: Python code provided by users for review as described in the workflow of SKILL.md.
- Boundary markers: Absent. The instructions do not specify the use of clear delimiters (e.g., XML tags or markers) to isolate the code being reviewed from the core system prompts.
- Capability inventory: The skill is limited to text-based reasoning and review output; no capabilities for file writing, network requests, or subprocess execution are defined in the provided logic.
- Sanitization: Absent. There is no mechanism described to sanitize the input code or ignore embedded natural language instructions within the code comments or strings.