code-review
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it is designed to read and process the full content of untrusted source code files and directory listings. \n
- Ingestion points: The skill reads target files or directories specified by the user and the project-level CLAUDE.md file using the 'Read' tool. \n
- Boundary markers: The prompt instructions do not provide any delimiters or markers to separate the content of the analyzed files from the agent's internal instructions, nor does it include warnings to ignore embedded commands. \n
- Capability inventory: The skill is granted access to the 'Bash', 'Read', 'Glob', and 'Grep' tools, providing a significant capability set that could be misused if the agent follows malicious instructions found within a reviewed file. \n
- Sanitization: No sanitization, escaping, or filtering of the file content is performed prior to the agent's evaluation.
Audit Metadata