code-review-expert

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements a robust 'Hard Gate' security model which explicitly forbids the agent from modifying code or executing destructive actions without direct user approval.
  • [COMMAND_EXECUTION]: The skill utilizes standard development tools, specifically git and ripgrep (rg), to retrieve the state of the local repository and provide context for code reviews. These operations are limited to read-only metadata and diff extraction within the project scope.
  • [PROMPT_INJECTION]: The skill processes untrusted content (the code being reviewed). While an attacker could embed malicious instructions in code comments (Indirect Prompt Injection), the skill mitigates this risk by providing the user with a structured report and requiring a manual choice before any implementation occurs. Evidence: SKILL.md (Step 1 and Step 7).
  • [SAFE]: The dangerous code patterns identified by static analysis in references/security-checklist.md (such as eval(user_input)) are documented examples intended to assist the agent in identifying vulnerabilities during reviews, not executable code within the skill itself.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 1, 2026, 03:41 AM