receiving-code-review
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): The skill handles untrusted data from external sources, making it a surface for indirect prompt injection.
- Ingestion points: GitHub review comments accessed via 'gh api' and external reviewer feedback in 'SKILL.md'.
- Boundary markers: Absent; there are no instructions to use delimiters when processing review text.
- Capability inventory: The agent can modify the codebase, execute 'grep' searches, and post replies to GitHub.
- Sanitization: Absent; the skill does not specify how to escape or validate the contents of the feedback.
Audit Metadata