Skills
skills/cederberg/incubator/review-doc/Gen Agent Trust Hub

review-doc

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
  • [SAFE]: No signs of malicious instructions, credential harvesting, or unauthorized network activity were found in the skill's metadata or instructions.
  • [NO_CODE]: The skill is entirely instruction-based and does not include any code files or scripts, eliminating risks associated with code execution.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes document content provided by the user.
  • Ingestion points: Untrusted document text is read into the context via the Read tool.
  • Boundary markers: The instructions do not define clear delimiters or include warnings to help the sub-agent ignore instructions embedded within the documents.
  • Capability inventory: The skill is configured to use the Agent tool for task delegation and the Read tool for accessing user files.
  • Sanitization: No evidence of input filtering or content sanitization is present before document data is passed to the sub-agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 14, 2026, 06:05 AM