Skills
skills/bigdra50/dotfiles/dual-review/Gen Agent Trust Hub

dual-review

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its core functionality of reading and analyzing external code files.
  • Ingestion points: Untrusted data enters the context via the Read tool when accessing the user-specified <target> path in SKILL.md.
  • Boundary markers: The instructions lack explicit delimiters or 'ignore' directives to prevent the agent from obeying instructions potentially hidden within the code being reviewed.
  • Capability inventory: The skill has the capability to read files via the Read tool and trigger other logic via the Skill tool, which increases the potential impact of an injection.
  • Sanitization: There is no evidence of input validation or content filtering before the source code is passed into the AI review phases.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 9, 2026, 05:40 PM