code-review-pro
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE PROMPT_INJECTION NO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill ingests untrusted user-provided code for review, which is a surface for indirect prompt injection.
  - Ingestion points: Code snippets or files provided by users through prompt activation triggers.
  - Boundary markers: Absent; there are no instructions to use specific delimiters (like XML tags or specific markdown blocks) to isolate untrusted code from instructions.
  - Capability inventory: None; the skill is entirely instructional and does not include any scripts, network operations, or filesystem access.
  - Sanitization: Absent; the skill does not instruct the agent to sanitize input or disregard instructions embedded within the analyzed code's comments or metadata.
Audit Metadata