code-review
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, suspicious code, or unauthorized behaviors were detected. The skill's functionality is consistent with its stated purpose of performing code reviews.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests untrusted code from local directories for analysis. However, this risk is mitigated by the restricted environment which only allows the tools 'Read', 'Glob', and 'Grep'.
- Ingestion points: Target files and directories provided via the 'target' parameter.
- Boundary markers: Not explicitly defined in the methodology.
- Capability inventory: Restricted to read-only filesystem access (SKILL.md).
- Sanitization: Not explicitly mentioned.
Audit Metadata