skills/ulpi-io/skills/claude-review/Gen Agent Trust Hub

claude-review

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill implements mandatory worktree isolation for the reviewer agent, ensuring that the analysis occurs in a separate, read-only environment that cannot affect the primary codebase.
  • [SAFE]: Instructions explicitly forbid the inclusion of real secret values in the reviewer's prompt or the final report summary.
  • [COMMAND_EXECUTION]: Utilizes the Bash tool to perform legitimate code-reading operations, such as generating diff summaries and file lists, which are necessary to establish the review scope.
  • [PROMPT_INJECTION]: The skill identifies a potential surface for indirect prompt injection as it processes external code changes; however, it mitigates this by requiring findings to be verified before action and instructing the sub-agent to refrain from making code changes.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 1, 2026, 06:52 PM