comment-checker
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFE (PROMPT_INJECTION, NO_CODE)
Full Analysis
- [PROMPT_INJECTION]: Potential for indirect prompt injection through the automated comment-checker feedback loop.
  - Ingestion points: The agent ingests and acts upon feedback strings emitted from PostToolUse hooks following edit operations as described in SKILL.md.
  - Boundary markers: There are no explicit delimiters or instructions provided to isolate the checker's feedback from other context or prevent it from being interpreted as authoritative instructions.
  - Capability inventory: The agent utilizes tools such as apply_patch, write, edit, and multi_edit to resolve issues flagged in the checker's output.
  - Sanitization: No sanitization or validation of the feedback received from the external checker binary is described or implemented.
- [NO_CODE]: The skill consists of documentation and configuration files with no executable scripts or binaries provided in the package.