phoenix-code-review
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Phoenix Code Review Guidelines (SAFE): The skill consists entirely of documentation and checklists intended to guide an AI agent during a code review process. It does not include any scripts, executables, or configuration files that could be leveraged for malicious purposes.
- Security Best Practices Promotion (SAFE): The content encourages secure development practices, specifically referencing 'protect_from_forgery' for CSRF protection, mandatory authentication plugs, and strict input validation using Ecto changesets.
- Indirect Prompt Injection Surface (LOW): As the skill is designed to process and review user-provided code, it inherently has a surface for indirect prompt injection. However, since the skill does not grant the agent any dangerous capabilities (such as network access or shell execution), this surface does not pose a direct threat.
- Ingestion points: Elixir/Phoenix source files provided for review.
- Boundary markers: Absent in documentation.
- Capability inventory: None; the skill provides only natural language instructions.
- Sanitization: None specified for input code.
Audit Metadata