init-copilot-review
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface detected. The skill instructions direct the agent to 'Ground on the repository before drafting' by inspecting files such as CONTRIBUTING.md, CLAUDE.md, and existing instruction files (SKILL.md).
- Ingestion points: Repository documentation and configuration files identified in SKILL.md.
- Boundary markers: No specific delimiters or 'ignore embedded instructions' warnings are specified for the ingestion process.
- Capability inventory: Writing instruction files to the .github/ directory and its subdirectories; executing 'wc -c' for character count validation (SKILL.md).
- Sanitization: The skill lacks explicit instructions for sanitizing or escaping content from the ingested files before using them to generate new instructions.
- [NO_CODE]: The skill package is composed entirely of Markdown documentation and JSON configuration files. No executable scripts (Python, Node.js) or binary assets are included in the package.
- [SAFE]: No hardcoded credentials, sensitive file access patterns, or unauthorized network operations were identified in any of the skill's files.
- [SAFE]: No obfuscation techniques, hidden characters, or encoded payloads were detected during analysis.
Audit Metadata