code-review
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, PROMPT_INJECTION, NO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill creates an attack surface by instructing the agent to process and analyze untrusted code provided by users.
  - Ingestion points: Code snippets provided for 'review this code', 'check for issues', or 'PR review' tasks.
  - Boundary markers: Absent. The skill does not provide specific instructions to the agent on how to distinguish code logic from embedded natural language instructions.
  - Capability inventory: None. The skill contains no executable scripts, file system write operations, or network access.
  - Sanitization: Absent. The skill does not define methods to sanitize or escape user-provided code.
- [No Code] (SAFE): The skill consists entirely of markdown-based instructional content and metadata. It does not include any Python scripts, Node.js packages, or shell commands, significantly reducing the overall security risk profile.