review-loop
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill's logic is focused on iterative refinement of work products. It uses standard platform features for subagent management and does not attempt to perform network exfiltration, access sensitive files, or maintain unauthorized persistence.
- [PROMPT_INJECTION]: The skill is designed to ingest and process untrusted work products (such as code or documentation) which could contain embedded instructions, creating a surface for indirect prompt injection.
- Ingestion points: The skill reads external files or diffs in the 'Step 2: Spawn Reviewer Subagent' section.
- Boundary markers: The prompt template uses Markdown headers (e.g., '## Files to review') to delimit ingested content from reviewer instructions.
- Capability inventory: The skill relies on subagent spawning (Agent tool) to perform reviews.
- Sanitization: No explicit escaping or filtering is applied to the content being reviewed.
Audit Metadata