receiving-code-review
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill establishes behavioral guidelines for processing code review feedback. It explicitly instructs the agent to avoid performative agreement and to verify all suggestions against the codebase before taking action.
- [INDIRECT_PROMPT_INJECTION]: The skill defines a process for ingesting external review feedback, which constitutes an untrusted data surface.
- Ingestion points: Feedback from external reviewers or partners.
- Boundary markers: None specified in the instructions.
- Capability inventory: read_file, write_file, grep_search, and gh api calls.
- Sanitization: The skill mitigates risk by instructing the agent to technically verify feedback and push back on incorrect or out-of-scope suggestions (YAGNI).
Audit Metadata