frontend-code-review
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [Command Execution] (LOW): The skill instructs the agent to execute shell commands such as `bun run build` and `bun run lint`. While standard for a development workflow, these represent local execution capabilities.
- [Indirect Prompt Injection] (LOW): The skill processes external `.tsx` and `.ts` files, which creates a surface for indirect instructions.
  - Ingestion points: Code files referenced in the review instructions.
  - Boundary markers: None provided in the prompt instructions to distinguish code from instructions.
  - Capability inventory: Local command execution via `bun` (SKILL.md).
  - Sanitization: None specified for external file content.
Audit Metadata