review-api-design
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is strictly instructional and does not include any executable code, scripts, or network-capable tools. All operations are confined to reading local reference files and processing text.
- [PROMPT_INJECTION]: The skill processes untrusted user input ($ARGUMENTS) within its main review prompt. There is a theoretical surface for indirect prompt injection as user-provided API specifications are not isolated with boundary markers. However, the skill lacks access to exploitable tools, neutralizing potential impact.
- Ingestion points: User input describing API designs is interpolated into SKILL.md.
- Boundary markers: Absent.
- Capability inventory: No file system modification, network exfiltration, or command execution capabilities are defined or used.
- Sanitization: None.
Audit Metadata