otel-go-reviewer

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to ingest and process untrusted data (pull requests, diffs, and patches) without providing explicit instruction isolation or boundary markers.
      • Ingestion points: The SKILL.md file defines the review of external pull requests, diffs, and patches as the primary task.
      • Boundary markers: There are no defined delimiters or instructions for the agent to ignore potentially malicious commands embedded within the diff content.
      • Capability inventory: As an AI agent skill, it may have access to environment tools like shell execution or file manipulation that could be targeted via injected instructions in a diff.
      • Sanitization: No sanitization or validation of the input content is specified before the agent processes it.
  • [EXTERNAL_DOWNLOADS]: The skill references authoritative documents and repository policies from the OpenTelemetry project.
      • References: Includes links to configuration and policy files on the official open-telemetry GitHub organization and specification documentation at opentelemetry.io.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 31, 2026, 03:30 AM