review
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides a set of procedural instructions for performing code reviews and does not contain any malicious code, obfuscation, or unauthorized data access patterns. All file operations are directed toward generating a report in the workspace directory.
- [SAFE]: The skill has a defined attack surface for indirect prompt injection because its core function is to process untrusted external code.
- [SAFE]: Ingestion points: Code content from files, pull requests, or branches provided in the $ARGUMENTS variable.
- [SAFE]: Boundary markers: No explicit markers are defined in the skill instructions to separate input code from the agent's instructions.
- [SAFE]: Capability inventory: The skill utilizes TodoWrite for task management and writes markdown report files to the plans/reports/ directory.
- [SAFE]: Sanitization: The skill does not perform sanitization on the code content before analysis.
Audit Metadata