nestjs-code-review

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's primary purpose is defensive code analysis. It provides structured guidance to help agents identify security issues such as hardcoded credentials, lack of input validation, and improper authorization patterns.
  • [SAFE]: The allowed tools (Read, Edit, Grep, Glob, Bash) are consistent with the requirements for discovering and analyzing codebases. The instructions specifically focus on using these tools for file discovery and content inspection.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it reads and processes external codebase files.
      • Ingestion points: Files discovered via glob and grep are read into the agent's context.
      • Boundary markers: The instructions do not define specific delimiters to separate untrusted code from the agent's instructions.
      • Capability inventory: The agent has Bash and Edit tools which could be targeted by instructions embedded in malicious code.
      • Sanitization: No specific sanitization or filtering is defined for the content of the files being reviewed.
      • Note: This is an inherent risk for code-review agents and is considered a low-severity surface vulnerability rather than an active threat.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 28, 2026, 09:53 PM