critical-code-reviewer
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides instructions for the AI to act as a code reviewer without invoking dangerous tools or external scripts. It includes a reference to its own documentation on GitHub, which is a resource from the same vendor (posit-dev).
- [PROMPT_INJECTION]: The skill processes untrusted user data (code and pull requests), which is an ingestion surface for indirect prompt injection. This risk is inherent to its primary purpose and mitigated by the lack of high-risk capabilities.
  - Ingestion points: User-provided code snippets and PR descriptions in SKILL.md.
  - Boundary markers: None present in the skill instructions.
  - Capability inventory: The skill uses interactive tools for user feedback but lacks file-system or network access.
  - Sanitization: Not implemented within the prompt instructions.
Audit Metadata