review-lens
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements strong security boundaries by treating all external data (Git diffs, commit history, PR comments) strictly as data for analysis, explicitly forbidding the execution of instructions found within analyzed content.
- [SAFE]: Guideline discovery is restricted to the project repository root and explicitly excludes sensitive home directory configurations (e.g.,
~/.claude/), preventing accidental data exposure of personal settings. - [SAFE]: Code modifications are strictly opt-in, requiring explicit user confirmation before any suggested fixes are applied to the working tree.
- [SAFE]: The skill includes an anti-hallucination mechanism using line-marker annotation (
[L<n>]) to ensure the agent only references and reports on valid lines found in the actual source diff.
Audit Metadata