skills/seqis/openclaw-skills-converted-from-claude-code/agent-peer-review-checker/Gen Agent Trust Hub
agent-peer-review-checker
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its core functionality of processing external review data.
- Ingestion points: Pull request comments and code reviews are retrieved via
gh pr viewand source files are analyzed usinggrepas specified in theSKILL.mdinstructions. - Boundary markers: No explicit delimiters or instructions are provided to distinguish between the agent's system prompts and instructions that might be embedded within the review data.
- Capability inventory: The agent has access to
Bash,Write, andEdittools, which could be exploited for unauthorized actions if the agent follows malicious commands found in the input data. - Sanitization: The skill lacks any evidence of sanitization or validation for the content retrieved from external sources before it is processed.
Audit Metadata