review-clean-code

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [Prompt Injection] (SAFE): The instructions are focused on code review principles and do not contain attempts to bypass safety filters or override system instructions.
  • [Data Exposure & Exfiltration] (SAFE): There are no hardcoded credentials, sensitive file paths, or network exfiltration patterns detected. Code examples in the documentation are for illustrative purposes only.
  • [Remote Code Execution] (SAFE): The skill does not download external scripts or packages, nor does it attempt to execute code at runtime.
  • [Indirect Prompt Injection] (LOW): The skill is designed to ingest and process untrusted code provided by users or found in codebases. While this constitutes an attack surface, the skill's output is limited to Markdown and JSON reports, and it lacks the execution capabilities (e.g., subprocess or eval) required to trigger a malicious payload found within the analyzed data.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:22 PM