code-review
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION] (SAFE): The skill implements persona constraints focused on technical rigor (e.g., 'No performative agreement'). These instructions are intended to improve professional output and do not attempt to bypass agent safety filters or override system-level instructions.- [COMMAND_EXECUTION] (SAFE): Mentions standard git commands like
git rev-parseandgrep. These are used for routine development tasks such as identifying commit ranges and checking for code usage. They are non-destructive and standard for the stated purpose.- [DATA_EXFILTRATION] (SAFE): No network operations, external URLs, or access to sensitive local files (like SSH keys or credentials) were found. The skill operates within the local development context.- [INDIRECT_PROMPT_INJECTION] (SAFE): While the skill describes processing feedback from external reviewers, it mandates a 'Verify before implementing' protocol. This evidence-based approach acts as a defensive measure against malicious or incorrect instructions embedded in external code review comments.
Audit Metadata