mb-review
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it reads and analyzes content from the .memory-bank/ directory. Malicious instructions embedded in the project documentation could attempt to manipulate the sub-agents' findings or the final review verdict.
  - Ingestion points: Files located in the .memory-bank/ directory.
  - Boundary markers: No specific delimiters or instructions to ignore embedded commands are used when passing data to sub-agents.
  - Capability inventory: The skill spawns multiple sub-agents (Architect, Security, etc.) and writes report files to the .tasks/ directory.
  - Sanitization: There is no evidence of input validation or sanitization for the documentation being processed.