review-feature-branch
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No direct malicious patterns such as credential exfiltration, remote code execution, or obfuscation were detected. The skill primarily serves as a high-level coordinator for other internal tools.
- [PROMPT_INJECTION]: The skill handles code from feature branches, which constitutes untrusted external data. This creates a surface for indirect prompt injection; however, the risk is mitigated by a mandatory human-in-the-loop confirmation step.
- Ingestion points: The skill ingests feature branch code when running the /review-code step.
- Boundary markers: None are explicitly defined in the orchestrator file to separate code from instructions.
- Capability inventory: The skill has the capability to trigger code modifications through the /finalize and /investigate skills.
- Sanitization: No programmatic sanitization is performed, but the workflow requires a user to manually approve the finalization step after reviewing the findings.
Audit Metadata