code-review-expert
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill uses standard, safe local development tools such as
git,ripgrep, andgrepto analyze source code. - [PROMPT_INJECTION]: The skill processes untrusted code from git diffs, which represents a potential surface for indirect prompt injection. However, the risk is mitigated as the skill only performs actions after explicit user confirmation.
- Ingestion points: Git diffs and file content read via
git diff,rg, andgrep(SKILL.md). - Boundary markers: Not explicitly defined for the ingested code content.
- Capability inventory: File reading and local command execution; write capabilities are gated by user confirmation (SKILL.md Step 7).
- Sanitization: None identified for the code being reviewed.
Audit Metadata