review-ai-writing
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- SAFE (SAFE): No malicious logic, obfuscation, or unauthorized data access patterns were detected. The skill functions as a passive knowledge base for an AI agent to use during text analysis.
- Indirect Prompt Injection (LOW): The skill is designed to ingest and analyze untrusted external content (markdown files, code comments, git logs, and PR descriptions), which is an inherent attack surface for indirect prompt injection. However, the risk is negligible because the skill's capabilities are limited to reporting findings and do not include code execution, file system modification, or network requests.
- Ingestion points: Reads files matching
*.md,*.py,*.ts,*.js,*.go,*.swift,*.rs,*.java,*.kt,*.rb,*.ex, as well asgit logand PR body content. - Boundary markers: None explicitly defined within the provided rule sets.
- Capability inventory: Restricted to analysis and structured output generation; no
subprocess,exec, orevalcalls exist in the provided files. - Sanitization: No specific sanitization or filtering of external input is implemented within these rule sets.
Audit Metadata