review-skill
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted content from local directories as part of its primary auditing workflow.
- Ingestion points: Step 2 in SKILL.md requires the agent to read all files within a target skill directory.
- Boundary markers: The instructions lack delimiters or explicit warnings to ignore instructions found within the reviewed files.
- Capability inventory: Step 5 in SKILL.md allows the agent to automatically apply fixes, which translates to file system write operations.
- Sanitization: No input validation or sanitization is performed on the ingested content before it is used to suggest or apply modifications.
Audit Metadata