code-reviewer
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): No override markers, bypass attempts, or malicious instructions detected in any documentation or templates.
- [Data Exposure & Exfiltration] (SAFE): No unauthorized file access or network exfiltration detected. The shell script's use of grep to find secrets is a defensive security check.
- [Indirect Prompt Injection] (INFO): As a code review tool, this skill is designed to process external code and pull request data. While this is an inherent attack surface for AI agents, no vulnerabilities or unsafe prompts were found in the provided templates.
- [Command Execution] (LOW): The scripts/quick-audit.sh file executes standard development and auditing tools (npm, eslint, tsc). This is appropriate for the skill's stated purpose.
Audit Metadata