code-review
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructions and reference materials are focused entirely on legitimate code review practices.
- [PROMPT_INJECTION]: No direct prompt injection or jailbreak patterns were found in the instructions. The skill utilizes subagents for modular analysis, which follows best practices for task separation. While the skill processes untrusted code files (indirect prompt injection surface), this risk is fundamental to its primary purpose as a reviewer.
- [DATA_EXFILTRATION]: No unauthorized access to sensitive files or network exfiltration was detected. Guidelines within the skill actively advise against insecure secret management and hardcoded credentials.
- [COMMAND_EXECUTION]: The skill contains no logic for executing arbitrary commands or escalating privileges on the host system. It provides guidance on detecting unsafe command execution in other code.
- [REMOTE_CODE_EXECUTION]: There are no patterns involving the download and execution of remote scripts from untrusted sources within the skill's own operational logic.
Audit Metadata