swing-review
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Analysis of the skill instructions and metadata reveals no malicious patterns, hardcoded credentials, or unauthorized network operations. The tool configuration is appropriate for its stated purpose of code and architecture review.
- [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it is designed to process untrusted external data with high-privilege tools.
  - Ingestion points: Reads code, pull requests, and architecture decisions from files and tools like Read, Grep, and Glob.
  - Boundary markers: Absent. There are no explicit instructions for the agent to ignore or isolate potential instructions embedded in the content being reviewed.
  - Capability inventory: Includes Bash (shell execution), Read (file system access), and Agent (task orchestration).
  - Sanitization: Absent. The skill does not implement validation or escaping of the ingested content before it enters the agent's context.
Audit Metadata