review-strategy

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW | Findings: PROMPT_INJECTION, NO_CODE
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill is designed to ingest and process untrusted external data in the form of code files and pull request descriptions.
  • Ingestion points: Processes user-provided code and PR metadata as outlined in the 'Context Acquisition' and 'Deep Pass' steps of SKILL.md.
  • Boundary markers: The instructions do not define delimiters or specific markers to separate untrusted code from the agent's instructions.
  • Capability inventory: No executable tools, subprocess calls, or network operations are present in the skill definition.
  • Sanitization: There are no mechanisms described for sanitizing or escaping the content of the files being reviewed.
  • [No Code] (SAFE): The skill is composed entirely of markdown instructions. The absence of scripts (Python, JavaScript, Shell) eliminates risks associated with RCE, persistence, or unauthorized file system access.
Audit Metadata
Risk Level: LOW
Analyzed: Feb 16, 2026, 11:35 AM