code-review-amplifier
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or high-risk command executions were detected. The skill is designed to guide the AI through a multi-phase code review process.
- [PROMPT_INJECTION]: The skill processes untrusted external data (code snippets and pull request diffs), which represents an inherent surface for indirect prompt injection. An attacker could embed instructions within code comments or documentation files to attempt to influence the agent's review output.
- Ingestion points: User-provided code, PR descriptions, and repository files like ARCHITECTURE.md or CLAUDE.md.
- Boundary markers: The skill does not explicitly define structural delimiters (like XML tags or specific markdown blocks) to isolate untrusted code from its own instructions, though its rigid five-phase output structure provides some natural resistance.
- Capability inventory: The skill does not request access to network tools, shell execution, or sensitive file systems, limiting the potential impact of a successful injection to text-based deception.
- Sanitization: No specific sanitization or filtering of input code is defined within the instructions.
Audit Metadata