dojo-review
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to analyze untrusted external data (user-provided Dojo code) using
Read,Grep, andGlobtools. - Ingestion points: Source code files accessed via allowed tools.
- Boundary markers: None identified in the provided skill definition to isolate code content from instructions.
- Capability inventory: The skill lacks execution (
exec/eval), file-write, or network capabilities, limiting the potential impact of an injection. - Sanitization: No logic is present to sanitize or filter potential malicious instructions embedded within the code being reviewed.
Audit Metadata