peer-review
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE, NO_CODE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill uses a standard command-line interface approach for code reviews without any suspicious or malicious behavior detected.
- [NO_CODE]: The skill is composed entirely of markdown instructions and does not contain any executable scripts or binary files.
- [PROMPT_INJECTION]: The skill reviews untrusted data (code changes) which presents an indirect prompt injection surface.
  - Ingestion points: Code diffs and commits accessed via /codex in SKILL.md.
  - Boundary markers: None specified in the instructions.
  - Capability inventory: Execution of the /codex command.
  - Sanitization: None specified in the prompt.
Audit Metadata