Skills
skills/camacho/ai-skills/review-loop/Gen Agent Trust Hub

review-loop

Pass

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes project plans and code artifacts, which creates a surface for indirect prompt injection.
  • Ingestion points: Content from project plans or implementation work (SKILL.md).
  • Boundary markers: No explicit boundary markers are defined to isolate or ignore embedded instructions within the artifacts being reviewed.
  • Capability inventory: The agent is instructed to modify files to fix findings, commit changes to git, and use the GitHub CLI to create issues (SKILL.md).
  • Sanitization: No sanitization or validation of the ingested artifact content is specified before processing or executing fixes.
  • [COMMAND_EXECUTION]: Utilizes the GitHub CLI (gh) to record review findings as issues. This operation uses a well-known service and is consistent with the skill's stated purpose.
Audit Metadata
Risk Level
SAFE
Analyzed
May 3, 2026, 08:00 AM