reviewing-code
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill requires the agent to ingest and analyze untrusted data from pull requests and external code repositories.
- Ingestion points: Pull request content, related files, and code changes are processed as the primary input for the skill (SKILL.md).
- Boundary markers: There are no defined delimiters or instructions to treat external code as untrusted or to ignore instructions embedded within the code being reviewed.
- Capability inventory: The skill's checklist includes verification of development workflow steps such as
uv sync,prek, andpytest(SKILL.md), which may lead the agent to execute tools on the untrusted codebase. - Sanitization: No sanitization, escaping, or validation of the ingested code content is specified in the review process.
Audit Metadata