code-review
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION] (SAFE): No prompt injection patterns, bypass instructions, or behavioral overrides detected. The instructions are strictly limited to code review criteria.
- [DATA_EXFILTRATION] (SAFE): No network operations (curl, wget, fetch) or access to sensitive local file paths (~/.ssh, ~/.aws) are present. The skill only defines output formats for review results.
- [COMMAND_EXECUTION] (SAFE): No shell commands, subprocess spawns, or system-level calls are included in the skill definition.
- [EXTERNAL_DOWNLOADS] (SAFE): No external dependencies, package installations (npm, pip), or remote script executions are attempted. The 'source' metadata points to a trusted organization (anthropics).
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill is designed to process untrusted code from pull requests, which is an inherent attack surface for indirect prompt injection via code comments or metadata. However, the skill does not possess capabilities (like code execution or file writing) to be exploited by such injections.
- Ingestion points: Pull request code and diffs.
- Boundary markers: None defined in this skill version.
- Capability inventory: None (Output is markdown text only).
- Sanitization: Not applicable as no execution occurs.
Audit Metadata