receiving-code-review
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to ingest and act upon data (code review feedback) from external, potentially untrusted sources.
- Ingestion points: External reviewers' feedback via GitHub comments or other interfaces as described in the 'Source-Specific Handling' section of SKILL.md.
- Boundary markers: Absent. The skill does not define specific delimiters to separate reviewer comments from system instructions.
- Capability inventory: The skill implies the use of grep for codebase searching and utilizes the GitHub API (gh api) to post replies to comments. It also suggests implementing and testing changes, which implies execution of build/test scripts.
- Sanitization: While no technical sanitization (like escaping) is provided, the skill mandates a logical sanitization process: technical verification against the codebase reality, checking for regressions, and requiring clarification for unclear items before implementation.
Audit Metadata