code-reviewer
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, hidden instructions, or unauthorized network operations were detected. The skill's functionality is transparent and matches its described purpose as a code review utility.
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute 'git diff' to identify recent changes. This is a legitimate and necessary operation for the subagent's intended primary purpose of reviewing code.
- [PROMPT_INJECTION]: The skill processes untrusted external code changes which presents a surface for indirect prompt injection. 1. Ingestion points: Git diff output and file content access via Read and Grep tools. 2. Boundary markers: No explicit delimiters or ignore-instructions are used to wrap the ingested code. 3. Capability inventory: The subagent has access to Bash, Read, Grep, and Glob tools. 4. Sanitization: No input validation or filtering is performed on the code being reviewed. While this surface exists, the risk is assessed as safe because the agent's instructions are strictly confined to analysis and reporting rather than code execution.
Audit Metadata