code-reviewer
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
Finding category: PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it is designed to read and process untrusted source code provided in projects or pull requests.
- Ingestion points: The skill reads all project files, pull request diffs, and configuration files within the specified scope as described in SKILL.md.
- Boundary markers: No specific delimiters or instructions are implemented to separate the untrusted code content from the agent's review logic or to ignore embedded natural language commands.
- Capability inventory: The skill is only capable of producing a structured text-based review report; no subprocess execution, network operations, or persistent file modification capabilities were identified.
- Sanitization: The input code content is processed directly without sanitization, escaping, or schema validation.