alreview
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill uses mandatory directives to override standard agent behavior. \n
- Evidence: "Mandatory: Do not use your plan mode. Execute the review protocol from alignfirst." \n
- This instruction attempts to disable the agent's internal planning and oversight mechanisms, potentially increasing autonomy and reducing user transparency. \n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by relying on external instructions and code data. \n
- Ingestion points: Reads instructions from
../alignfirst/SKILL.mdand processes branch diffs for code reviews. \n - Boundary markers: Absent. There is no explicit instruction to ignore embedded directives in the code being reviewed or the external protocol files. \n
- Capability inventory: The skill is designed for code reviews, which implies the ability to read project files and potentially execute analysis tools. \n
- Sanitization: No sanitization or validation of the referenced files or the code under review is described. \n- [NO_CODE]: The skill does not contain any executable scripts or binary files, consisting entirely of natural language instructions in the SKILL.md file.
Audit Metadata