codereview-roasted
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill's primary function is to provide technical feedback and architectural insights. It contains explicit instructions prohibiting the modification of code and involves no network operations, file system access, or credential management. It neutrally references the vendor's platform (all-hands.dev) for linking PR evidence.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it is designed to ingest and analyze untrusted code changes.
- Ingestion points: Pull request diffs and source code snippets are processed for review (SKILL.md).
- Boundary markers: The instructions do not specify the use of delimiters or 'ignore embedded instructions' warnings for the analyzed code.
- Capability inventory: Capabilities are limited to generating textual feedback and performance ratings; no shell execution, file writing, or remote communication capabilities are defined within the skill.
- Sanitization: No validation or sanitization steps are provided for the input code before processing.
Audit Metadata