code-reviewer
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTIONNO_CODE
Full Analysis
- Prompt Injection (LOW): Indirect Prompt Injection surface detected because the skill is designed to process untrusted external data. 1. Ingestion points: The skill triggers on and processes user-provided source code and PR descriptions. 2. Boundary markers: Absent; there are no instructions to delineate or treat code as untrusted data. 3. Capability inventory: Display-only; the skill identifies issues and provides text feedback without file-write, network, or subprocess capabilities. 4. Sanitization: Absent; no filtering or escaping of input is specified. Impact is limited to potentially biased analysis.
- No Code (SAFE): The skill consists exclusively of a Markdown file with YAML metadata and contains no Python, JavaScript, or shell scripts, eliminating the risk of direct command execution or malicious dependency usage.
Audit Metadata