receiving-code-review

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill uses 'Iron Laws' and 'Forbidden Responses' to define a specific technical persona for the agent. These are behavioral instructions intended to ensure technical rigor and do not target system safety filters or content guidelines.
  • [PROMPT_INJECTION]: The skill presents a surface area for indirect prompt injection as it is designed to ingest and act upon code review feedback from untrusted external sources.
      • Ingestion points: External code review feedback and GitHub comments.
      • Boundary markers: No explicit delimiters are used to separate external feedback from the agent's internal instructions.
      • Capability inventory: The agent utilizes Bash, Edit, and Write tools, enabling it to modify the filesystem and perform network operations.
      • Sanitization: No specific input sanitization is implemented for the review text before it is processed or used in tool calls.
  • [COMMAND_EXECUTION]: The skill documentation provides instructions for executing GitHub CLI commands (gh api) through the Bash tool to interact with repository pull requests.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 3, 2026, 02:59 AM