Skills
skills/jorgealves/agent_skills/code-review-assistant/Gen Agent Trust Hub

code-review-assistant

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
  • Indirect Prompt Injection (LOW): The skill's primary function is to process untrusted data from git diffs, making it a target for embedded instructions.\n
  • Ingestion points: The diff and guidelines_path inputs in skill.yaml accept external data.\n
  • Boundary markers: Absent; no instructions are provided to the agent to treat input as data only or to ignore embedded directives.\n
  • Capability inventory: No code or scripts are provided in this skill, limiting the risk of direct command execution.\n
  • Sanitization: Absent; the skill does not implement validation or escaping for its inputs.\n- No Code (SAFE): No executable scripts, binaries, or package dependencies were detected in the skill package.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 05:50 PM