code-reviewer
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE NO_CODE PROMPT_INJECTION
Full Analysis
- [NO_CODE] (SAFE): The skill consists entirely of markdown documentation and templates. There are no scripts, executables, or configuration files that could perform actions on the host system.
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface.
  - Ingestion points: The skill is designed to ingest and process untrusted data from external files and Pull Requests (SKILL.md).
  - Boundary markers: No explicit boundary markers or delimiters are defined to separate the instructions from the code being reviewed.
  - Capability inventory: The skill does not define any capabilities for file writing, network operations, or command execution across its documentation.
  - Sanitization: There are no instructions for the agent to sanitize or escape content from the code files before processing or reporting findings.
Audit Metadata