code-reviewer
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it is designed to read and analyze untrusted code content from the file system. 1. Ingestion points: Target files identified in SKILL.md and read via the Read and Glob tools in prompts/01-review.md. 2. Boundary markers: Absent; there are no instructions to the agent to use delimiters or to ignore embedded instructions within the code being reviewed. 3. Capability inventory: Access to Bash, Read, Glob, and Grep tools. 4. Sanitization: No sanitization or validation of file contents is performed before processing.
- [COMMAND_EXECUTION]: The skill uses the Bash tool to verify project structure and execute local testing suites (e.g., npm test) as part of the review workflow. These operations are conducted within the local environment and are consistent with the skill's primary objective.
Audit Metadata