comprehensive-review-full-review
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Prompt Injection] (LOW): Susceptible to Indirect Prompt Injection (Category 8). The skill processes untrusted code via the
$ARGUMENTSvariable and interpolates it directly into prompts for various specialized sub-agents. - Ingestion points:
$ARGUMENTSis used as the primary input for every phase of the review (Quality, Architecture, Security, Performance, Testing, Documentation). - Boundary markers: Absent. The skill lacks delimiters (e.g., XML tags or triple quotes) or specific 'ignore embedded instructions' warnings when passing
$ARGUMENTSto sub-agents, making it possible for malicious comments in the code to influence the agent's behavior. - Capability inventory: The orchestration agent has the capability to trigger security audits, architecture reviews, and performance engineering tasks, as well as accessing external security scanners like Snyk and GitLeaks.
- Sanitization: No sanitization or validation of the input content is performed before interpolation into the task prompts.
Audit Metadata