requesting-code-review
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions designed to bypass safety filters, extract system prompts, or override agent behavior were detected. The instructions focus purely on establishing a code review workflow.
- [Data Exposure & Exfiltration] (SAFE): The skill uses standard git commands (
git rev-parse,git log) to identify commits for review. No sensitive file paths, hardcoded credentials, or unauthorized network operations were identified. - [Remote Code Execution] (SAFE): No patterns of downloading and executing remote scripts (e.g.,
curl | bash) or installing unverifiable packages were found. - [Indirect Prompt Injection] (LOW): The skill identifies a data ingestion surface through placeholders like
{WHAT_WAS_IMPLEMENTED}and{PLAN_OR_REQUIREMENTS}. However, this is inherent to the code review process and does not represent an escalated risk in this context. - Ingestion points:
{WHAT_WAS_IMPLEMENTED},{PLAN_OR_REQUIREMENTS},{DESCRIPTION}placeholders in the task template. - Boundary markers: None explicitly defined in the markdown, though the subagent call is structured.
- Capability inventory: Triggers a subagent (
superpowers:code-reviewer) to analyze code; executes basic git read-only commands. - Sanitization: None explicitly mentioned in the process description.
Audit Metadata