code-review

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, NO_CODE
Full Analysis
  • [PROMPT_INJECTION]: Indirect prompt injection surface detected because the skill is intended to process untrusted code and descriptions from external pull requests.
  • Ingestion points: Skill triggers on 'review', 'PR', and 'pull request' contexts as defined in SKILL.md and synapses.json.
  • Boundary markers: The instructions do not specify the use of delimiters or protective instructions (e.g., 'ignore embedded commands') when reading external code.
  • Capability inventory: No dangerous executable code or network operations are present in the skill files themselves.
  • Sanitization: No sanitization or escaping of the ingested code content is specified in the workflow.
  • [NO_CODE]: The skill consists entirely of markdown documentation and JSON metadata; no executable scripts, binaries, or source code files are included.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 03:54 AM