skills/wenjunduan/rlues/code-review/Gen Agent Trust Hub

code-review

Pass

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. It is designed to ingest and analyze untrusted external data, specifically source code and 'design.md' specification files. Maliciously crafted content within these files (e.g., instructions hidden in comments or documentation) could potentially influence the agent's behavior or decision-making during the review process.
    • Ingestion points: Processes source code files and 'design.md' specification documents as part of the review workflow.
    • Boundary markers: No specific delimiters or safety instructions are defined to separate the skill's instructions from the content of the files being reviewed.
    • Capability inventory: The skill itself is declarative and does not explicitly call dangerous tools, but it directs the agent's judgment over potentially sensitive project files.
    • Sanitization: No evidence of input validation or sanitization for the code or specs being analyzed.
Audit Metadata
Risk Level: SAFE
Analyzed: May 2, 2026, 10:37 PM