team-review
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests untrusted data from git diffs and interpolates it into sub-agent prompts. However, this is inherent to its primary purpose of code review.
- Ingestion points: Git diff output is captured in Phase 1 and passed to sub-agents in Phase 2.
- Boundary markers: The diff content is wrapped in markdown code blocks within the sub-agent prompts.
- Capability inventory: Sub-agents have access to file system reading tools (Read, Grep, Glob) and shell commands (Bash).
- Sanitization: No explicit sanitization or filtering of the diff content is performed beyond markdown delimitation.
- [SAFE]: The skill uses platform-native multi-agent orchestration features to parallelize code review tasks. No malicious patterns, external downloads, or exfiltration attempts were detected.
Audit Metadata