receiving-code-review
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of markdown-based instructional content without executable scripts, third-party dependencies, or binary files.
- [PROMPT_INJECTION]: The 'Forbidden Responses' section contains behavioral constraints intended to prioritize technical accuracy over performative agreement. These instructions align with best practices for technical rigor and do not attempt to bypass safety filters or ignore core system directives.
- [COMMAND_EXECUTION]: The skill describes the use of standard development tools, specifically
grepfor searching the codebase andgh apifor replying to GitHub pull request comments. These are presented as legitimate workflows for code review tasks. - [DATA_EXPOSURE]: No hardcoded credentials, sensitive file paths, or unauthorized network exfiltration patterns were detected. The use of GitHub API calls is restricted to replying to existing threads within the context of the user's PR activities.
Audit Metadata