skills/adobe/skills/code-review/Gen Agent Trust Hub

code-review

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill manages an indirect prompt injection surface as it processes external content from GitHub.
  • Ingestion points: Pull request details, diffs, and comments are fetched from GitHub using the gh CLI as described in SKILL.md and resources/review-checklist.md.
  • Boundary markers: Explicit instructions in the 'External Content Safety' section of SKILL.md warn the agent against following embedded directives in external content.
  • Capability inventory: The skill uses git for local code analysis, gh for GitHub API interactions (including write access for posting reviews), and node to execute the capture-screenshots.js script.
  • Sanitization: The agent is explicitly instructed to treat all fetched content as untrusted and to ignore any commands or directives embedded within it.
  • [COMMAND_EXECUTION]: The skill directs the agent to use standard development tools, including git and the GitHub CLI (gh), for repository analysis and PR management. These operations are consistent with the skill's purpose and are confined to the relevant development environment.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes the playwright library for automated browser-based visual validation. This involves standard browser binary downloads from a well-known service provider and is essential for the stated screenshot functionality.
  • [DATA_EXFILTRATION]: Data access is restricted to the code diffs and PR metadata required for the review process. The skill interacts solely with the local filesystem and the official GitHub API to post feedback as part of the intended review workflow.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 07:35 AM
Security Audit — agent-trust-hub — code-review