test-review
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements standard developer utility workflows and does not exhibit any malicious behaviors or include suspicious remote resources.
- [COMMAND_EXECUTION]: The skill utilizes Bash(git:*), Grep, and Glob to navigate the repository and identify relevant source and test files for analysis. These operations are restricted to the codebase context.
- [PROMPT_INJECTION]: The skill has a potential surface for indirect prompt injection through the analysis of repository files.
- [PROMPT_INJECTION]: Ingestion points: Source and test files are read using the Read tool and passed to the Codex LLM via mcp__codex__codex and mcp__codex__codex-reply.
- [PROMPT_INJECTION]: Boundary markers: Content is delimited using markdown code blocks in the reference prompt templates.
- [PROMPT_INJECTION]: Capability inventory: The agent is authorized to use Write, Bash, Read, and Grep tools.
- [PROMPT_INJECTION]: Sanitization: Content is processed without specific sanitization beyond standard LLM boundary separation.
Audit Metadata