receiving-code-review
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill establishes a workflow for technical code reviews, emphasizing skepticism toward external suggestions and prioritizing functional verification over emotional responses. No malicious patterns or security vulnerabilities were detected.
- [COMMAND_EXECUTION]: The skill references standard development tools such as
grepfor codebase searching and the GitHub CLI (gh api) for replying to pull request comments. These are used appropriately within the context of a code review workflow. - [PROMPT_INJECTION]: The instructions include constraints on the agent's tone (e.g., forbidding gratitude or 'performative' agreement). These are stylistic guidelines and do not attempt to bypass core safety filters or override the agent's underlying safety instructions.
- [DATA_EXPOSURE]: While the skill involves reading codebase content and interacting with PR comments, it does not instruct the agent to access sensitive credentials, environment files, or private keys.
Audit Metadata