review-code
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Findings: NO_CODE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [NO_CODE]: The skill consists exclusively of markdown documentation and metadata and does not include any source code, scripts, or executable files.
- [PROMPT_INJECTION]: The skill processes untrusted data (local code changes), which presents a surface for indirect prompt injection. This is associated with the primary purpose of the skill.
  - Ingestion points: Local code changes and existing repository patterns as described in SKILL.md.
  - Boundary markers: No delimiters or instructions to ignore embedded commands are specified.
  - Capability inventory: File system read access (via git) and write access for creating review documents.
  - Sanitization: No sanitization of the content being reviewed is mentioned.
- [COMMAND_EXECUTION]: The skill metadata specifies a requirement for the git binary, which is used for the legitimate purpose of identifying differences in the local repository.
- [SAFE]: No obfuscation, data exfiltration attempts, or unauthorized persistence mechanisms were identified in the skill content.
Audit Metadata