lp-smart-code-review
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): The skill instructions are focused exclusively on technical code review. There are no attempts to bypass safety filters, extract system prompts, or override agent constraints.
- Data Exposure & Exfiltration (SAFE): The skill accesses the local git repository to review code changes, which is its primary purpose. No sensitive paths (e.g., ~/.ssh, .env) are targeted, and no network exfiltration patterns were found.
- Obfuscation (SAFE): No Base64, zero-width characters, or other hidden content was detected in the markdown or YAML files.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill does not download or execute remote scripts. It uses standard local command-line tools for its operations.
- Indirect Prompt Injection (SAFE):
  - Ingestion points: Reads untrusted code through `git diff` and `rg`.
  - Boundary markers: Instructions mandate a strict structured markdown output for review findings, reducing the chance of code-embedded instructions being obeyed as commands.
  - Capability inventory: Limited to repository reading and text output; no automated file-write or execution capabilities.
  - Sanitization: The logic explicitly forbids implementing changes without a second, distinct user confirmation step after the review is presented.
- Privilege Escalation (SAFE): No use of `sudo`, `chmod`, or other privilege-altering commands was identified.
Audit Metadata