frontend-code-review
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill incorporates a robust human-in-the-loop mitigation (Phase 2) which requires the user to manually select and approve any findings before they are posted as comments on a Merge Request or Pull Request, preventing automated exploitation.
- [SAFE]: Explicit instructions are provided to treat all fetched content as untrusted and to reject any potential prompt injection attempts hidden within the code, comments, or strings of the repository being reviewed.
- [SAFE]: The skill adheres to a 'remote only' data access policy, utilizing Model Context Protocol (MCP) tools to interact with repositories rather than accessing the local file system or sensitive environment variables.
- [SAFE]: A thorough review of the provided instructions and checklists revealed no evidence of malicious patterns, such as hardcoded credentials, data exfiltration mechanisms, or unauthorized command execution.
Audit Metadata