code-reviewer
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE | PROMPT_INJECTION | NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core functionality of processing external code.
  - Ingestion points: Code snippets, classes, and methods are ingested via triggers such as /review-code or requests for feedback in SKILL.md.
  - Boundary markers: The skill lacks explicit markers or instructions to delimit user-provided content from the agent's analytical instructions.
  - Capability inventory: The skill is restricted to text generation for feedback; no file-system, network, or command-execution capabilities are present.
  - Sanitization: There is no evidence of input filtering or sanitization to prevent malicious instructions embedded in the code from affecting the agent.