adversarial-review

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The agent is instructed to use shell commands such as ripgrep and project-specific search tools for code discovery.
  • [COMMAND_EXECUTION]: The skill's memory protocol involves reading and writing to files in the .claude/context/memory/ directory using bash commands to maintain state across sessions.
  • [PROMPT_INJECTION]: The workflow ingests untrusted project files for review without explicit boundary markers, which constitutes an indirect prompt injection surface. Ingestion points: SKILL.md reads all files in scope; Boundary markers: Absent; Capability inventory: Bash, Write, and Read; Sanitization: Absent.
  • [SAFE]: All identified behaviors are consistent with the skill's primary purpose of performing in-depth code reviews.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 24, 2026, 09:28 AM