bmad-review-adversarial-general

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFE
NO_CODE
Full Analysis
  • [NO_CODE]: The skill consists entirely of markdown instructions (SKILL.md) and does not include any scripts, executables, or configurations that would execute code or download external dependencies.
  • [PROMPT_INJECTION]: The skill uses role-play instructions to adopt a specific persona ('cynical, jaded reviewer'). While this influences the AI's behavior and tone, it is a functional requirement for the skill's stated purpose of providing critical feedback and does not attempt to bypass core safety guidelines.
  • [PROMPT_INJECTION]: There is a potential surface for indirect prompt injection as the skill processes external 'content' without using explicit boundary markers (such as XML tags or triple backticks) to separate the data from the prompt instructions. However, because the skill does not use any tools or have network/file system access, the impact of such an injection is restricted to the text output of the current session.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 10, 2026, 05:26 PM