Skills
skills/pedrohcgs/claude-code-my-workflow/review-r/Gen Agent Trust Hub

review-r

Pass

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: SAFE
Full Analysis
  • Indirect Prompt Injection (LOW): The skill processes external R scripts that could contain malicious instructions designed to influence the behavior of the r-reviewer agent.
  • Ingestion points: Reads files from the local filesystem using Read, Grep, and Glob tools based on the provided $ARGUMENTS in SKILL.md.
  • Boundary markers: Absent. There are no instructions to use delimiters or specific safety wrappers when passing code content to the reviewer agent.
  • Capability inventory: The skill uses Write to save reports and Task to launch subordinate agents. A successful injection could potentially lead to unauthorized file writes or task manipulation.
  • Sanitization: Absent. The skill reads the raw content of R scripts and passes them directly to the next stage of the workflow without filtering or escaping.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 19, 2026, 07:50 AM