generic-react-code-reviewer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The skill contains no instructions designed to override agent behavior, bypass safety filters, or extract system prompts.
- [Data Exposure & Exfiltration] (SAFE): No sensitive file paths or network exfiltration patterns were detected. The skill focuses on local code review standards.
- [Obfuscation] (SAFE): All content is in plain markdown and standard code blocks; no Base64, zero-width characters, or other encoding techniques are used to hide intent.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill references standard development commands (npm run test/build) but does not download or execute remote scripts or unverified third-party packages.
- [Privilege Escalation] (SAFE): No commands for acquiring elevated permissions (e.g., sudo, chmod 777) are present.
- [Indirect Prompt Injection] (LOW): As a code reviewer, the skill is designed to process external code which is an untrusted source. However, it lacks dangerous capabilities like automated file writes or network requests based on that data, and it is governed by the LLM's internal safety boundaries.
Audit Metadata