manual-review-comment-export

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is a legitimate development utility with no evidence of malicious behavior. It performs analysis on repository changes and formats the findings into a specific, read-only data contract.
  • [SAFE]: The instructions include security-best-practice guidance, explicitly telling the agent to prioritize identifying logic bugs, injection risks, and secret leakage in the code under review.
  • [SAFE]: Potential risk from indirect prompt injection is mitigated by the skill's design:
      • Ingestion points: The agent reads repository state (git status) and file diffs as its primary input.
      • Boundary markers: The skill mandates that the final output must be exactly one fenced markdown block with no other text, preventing the agent from leaking internal instructions or being manipulated into following external commands.
      • Capability inventory: The skill is limited to read operations (git, reading files) and "safe" analysis checks (linters, type checks). It explicitly forbids destructive commands or making code changes.
      • Sanitization: The agent is instructed to focus on specific review areas and follow a strict output template, which acts as a logical filter for the ingested data.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 16, 2026, 06:17 PM