code-reviewer
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill files provide legitimate instructions for a code review role without any evidence of malicious patterns or data exfiltration attempts.
- [COMMAND_EXECUTION]: The skill identifies tasks like 'fix, test, commit' which involve system commands. These are documented as core functions for the agent's role in engineering workflows.
- [PROMPT_INJECTION]: The skill's role in reviewing external code introduces a surface for indirect prompt injection.
- Ingestion points: Code provided for analysis as specified in SKILL.md.
- Boundary markers: No delimiters or specific ignore instructions are present for the ingested code.
- Capability inventory: The agent can modify files and execute tests/git commands.
- Sanitization: There is no mention of sanitizing or escaping the content of the code being reviewed.
Audit Metadata