code-reviewer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, NO_CODE
Full Analysis
- No-Code Skill (SAFE): The skill consists entirely of markdown-based instructions for an AI agent. There are no associated scripts (.py, .js, .sh), binaries, or configuration files that could execute commands on a host system.
- Indirect Prompt Injection (SAFE): This skill defines a workflow for processing untrusted data (user-provided code for review). While this is an ingestion surface for indirect injection, the skill possesses no capabilities—such as file system write access, network communication, or shell execution—that could be exploited to cause harm. The risk is limited to potential bias in the generated review text.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, API keys, or sensitive file paths were detected. The skill does not perform any network operations.