Skills
skills/dnyoussef/ai-chrome-extension/sop-code-review/Gen Agent Trust Hub

sop-code-review

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [SAFE]: The skill defines a professional and secure workflow for software quality assurance. No malicious logic, obfuscation, or unauthorized data access patterns were detected within the instructions.
  • [COMMAND_EXECUTION]: The skill coordinates the execution of standard, reputable development tools including ESLint, Pylint, and RuboCop for automated code analysis.
  • [PROMPT_INJECTION]: The skill processes external code from pull requests, creating an inherent surface for indirect prompt injection. This is a characteristic of the intended use-case (code review) rather than a malicious defect.
  • Ingestion points: Code content and PR metadata processed in Phase 1 and Phase 2 (SKILL.md).
  • Boundary markers: None explicitly defined in the task templates to separate instructions from untrusted code data.
  • Capability inventory: Execution of analysis tools, build validators, and notification agents across the workflow (SKILL.md).
  • Sanitization: Not implemented for the reviewed code content.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 2, 2026, 07:18 AM
Security Audit — agent-trust-hub — sop-code-review