skill-reviewer
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's logic is restricted to reading local markdown files and generating a checklist report based on predefined rules. It does not perform any sensitive operations, network requests, or code execution.
- [PROMPT_INJECTION]: The skill handles third-party data from processed SKILL.md files. This creates a surface for indirect prompt injection; however, the skill's restricted capabilities (only generating a text report) and built-in validation rules (e.g., prohibiting XML tags in metadata) effectively mitigate the risk of the agent being misdirected.
- [DATA_EXPOSURE]: While the skill reads files based on user-provided paths, it is explicitly constrained to 'SKILL.md' files within the repository scope, preventing arbitrary file access to sensitive system or configuration data.